
If you’re not sure, the most recent version (as of the time this article was written) is version 1903, which was the May 2019 update.
Assuming you’ve got that version or later, you should have Microsoft’s Tamper Protection enabled by default.
If you’re not sure what the big deal is, in a nutshell, Windows Tamper Protection blocks scripts, apps and programs from making changes to your security settings and to Microsoft Defender. That’s a very good thing, but if you’re looking for a bit more detail, keep reading.
Microsoft has all of this to say about the feature:
“Tamper protection prevents unwanted changes to security settings on devices. With this protection in place, customers can mitigate malware threats that attempt to disable security protection features. Here are some examples of services and settings that are protected from modification, either by local admins or by malicious applications:
- Real-time protection, which is the core antimalware scanning feature of Microsoft Defender ATP next generation protection and should rarely, if ever be disabled.
- Cloud-delivered protection, which uses our cloud-based detection and prevention services to block never-before-seen malware within seconds.
- IOAV (IE Downloads and Outlook Express Attachments initiated), which handles the detection of suspicious files from the internet.
- Behavior monitoring, which works with real-time protection to analyze and determine whether active processes are behaving in a suspicious or malicious way, and then blocks them.
- Security intelligence updates, which Windows Defender Antivirus uses to detect the latest threats.”
All that to say, it’s a solid feature and a fairly robust means of protecting your computer. Kudos to Microsoft for making it a priority. If you’re a home user, you can check the status of your system’s Tamper Protection in the Windows Security app. Just check to see if Tamper Protection is enabled and you’re all set.
