Tamper protection now available in Windows 10 Home and for organizations through Microsoft InTune

Windows Defender Security Center
Windows Defender Security Center (Image credit: Windows Central)

What you need to know

  • Tamper protection detects when an attempt is made to alter security settings.
  • Tamper protection is now available in Windows 10 Home and for organizations through Microsoft Intune.
  • The feature has been in testing through Insiders since earlier this year but is now generally available.

Hackers and attackers continually try to find new ways to get into computer systems. One tactic is to disable Windows Defender Antivirus. By disabling real-time protection, attackers can get into systems more easily. Microsoft is rolling out a new feature that helps prevent this, tamper protection. The feature detects and prevents unwanted changes to security settings on devices. It's now available in Windows 10 Home and available to organizations through Microsoft InTune.

In a techcommunity post, Microsoft breaks down how tamper protection works and what it aims to stop. The post lists five examples of what tamper protection accomplishes:

  1. Real-time protection, which is the core antimalware scanning feature of Microsoft Defender ATP next generation protection and should rarely, if ever, be disabled
  2. Cloud-delivered protection, which uses our cloud-based detection and prevention services to block never-before-seen malware within seconds
  3. IOAV (IE Downloads and Outlook Express Attachments initiated), which handles the detection of suspicious files from the Internet
  4. Behavior monitoring, which works with real-time protection to analyze and determine whether active processes are behaving in a suspicious or malicious way, and then blocks them
  5. Security intelligence updates, which Windows Defender Antivirus uses to detect the latest threats

For Windows 10 Home users, tamper protection will be turned on by default. The feature is being turned on gradually. Users can use the Windows Security app to review or change settings for tamper protection.

Organizations can deploy tamper protection through MIcrosoft Intune. Organizations can enable the feature for an entire organization or individual devices and user groups.

Sean Endicott
News Writer and apps editor

Sean Endicott is a tech journalist at Windows Central, specializing in Windows, Microsoft software, AI, and PCs. He's covered major launches, from Windows 10 and 11 to the rise of AI tools like ChatGPT. Sean's journey began with the Lumia 740, leading to strong ties with app developers. Outside writing, he coaches American football, utilizing Microsoft services to manage his team. He studied broadcast journalism at Nottingham Trent University and is active on X @SeanEndicott_ and Threads @sean_endicott_.