The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

What is Tamper Protection feature in Windows 11/10

Download Windows Speedup Tool to fix errors and make PC run faster

One of the best things about Microsoft is that they are trying to make a stronger security system for their OS. The new Tamper Protection is set to add more key features in securing our data.  Tamper Protection is a new setting available in the Windows Security app which provides additional protections against changes to key security features, including limiting changes that are not made directly through the app.

What is Tamper Protection in Windows 11/10

If you are a home user, you can toggle the setting from the Virus & threat protection settings area in the Windows Security app.

Tamper Protection in Windows Security

When it comes to simple home users, you can connect the setting in your app right from your Virus and Threat tab. If you are a corporate user, you can use Intune management to manage the security settings centrally. This feature will be enabled by default for all home users. For enterprise customers, it will be opt-in.

The full end-to-end functionality of this security feature is still being worked on. But, you can find a setting on the current Windows 11/10, Windows Defender Anti-Virus.

Enable or disable Tamper Protection in Windows Defender

To enable or disable Tamper Protection, Press Win+I to open Settings. Go to Update & security > Windows Security tab > Virus & Threat Protection > Virus & Threat Protection Settings > Manage Settings. Here you can toggle the Tamper Protection switch On or Off.

You can also use Intune or Registry to enable or disable Tamper Protection.

How does Tamper Protection help

You get real-time protection based on the Microsoft Defender ATP – which is next-generation protection. It prevents others from tampering with important security features. You should not disable it. It offers:

  1. Cloud-based detection of malware within seconds.
  2. Get the IOVA which is a detection tool of suspicious files on the web.
  3. A behavior monitoring tool that detects suspicious behavior in active apps.
  4. The Tamper Protection also prevents the deleting or disabling of the Windows Defender.

If you are a corporate user, you could have a centralized setting. But, your admin roles will not be able to change those settings.

For enterprise customers (such as those with a Microsoft Defender ATP license), this feature will be opt-in and can only be managed from the Intune management console. Local device admin users will not be able to change the setting. This ensures that even malicious apps – or malicious actors – can’t locally override the setting. Note that enterprise management is not available in current preview versions of Windows, but we’ll be bringing it to preview shortly, says Microsoft.

Tamper Protection

Tamper protection builds on other security features like Windows Defender Antivirus Sandboxing capability and expands existing tamper protection strategies across Microsoft Defender Advanced Threat Protection.

Tamper protection is now available for all customers, including Enterprise in Microsoft Defender ATP Threat and Vulnerability.

TIP: This post will help you if Windows 11 Tamper Protection is greyed out.

AnandK@TWC

Anand Khanse is the Admin of TheWindowsClub.com, a 10-year Microsoft MVP (2006-16) & a Windows Insider MVP (2016-2022). Please read the entire post & the comments first, create a System Restore Point before making any changes to your system & be careful about any 3rd-party offers while installing freeware.