One of the new elements is tamper protection, a security feature enabled by default on all Windows 10 devices. We will explain what this new feature does, how it works, and how to enable it on your computer if it is not already activated.
What is the anti-sabotage protection
Fraud Protection is a security feature officially available for both personal and corporate customers of Microsoft using the Windows 10 operating system.
If it's currently disabled on your Windows 10 device, do not worry; Microsoft will apply this change to all Windows 10 users, but you will have to wait a few days to take it into account.
The anti-sabotage protection debuted in the 1903 version; it avoids security overrides in the antivirus settings of Windows Security and Windows Defender.
Thus, no registry changes, group policy, Windows command-line tool, or other program, including malicious programs, can alter the security features.
If you can not wait for the deployment of this feature in several steps, continue reading to learn how to manually enable it on your computer.
Note: Anti-fraud protection is available for free Windows Defender and Microsoft Defender Advanced Threat Protection (ATP) antivirus.
How sabotage protection works
Tamper protection prevents malware and other programs or attempts by others to compromise the important security features of your device.
The Windows Defender antivirus becomes more reliable with the increasing security enhancements included in the operating system. However, there is a corresponding increase in efforts to circumvent it.
Malware and malware try to do this by disabling or reducing its functionality through group policies, PowerShell commands, or registry changes.
Trojans and other malicious programs such as TrickBot and GootKit have made concerted efforts to infiltrate and live on infected computers or bypass their security protections.
By activating tamper protection, such attempts will be reset or completely ignored. The Windows Defender antivirus automatically activates when you uninstall a third-party antivirus, which is an additional reason to enable the forgery protection feature for added protection.
What anti-sabotage protection prevents from preventing
According to Microsoft, activating Tamper Protection prevents harmful code and other malicious programs that target your device's security settings from doing the following:
- Disable viruses, threats, and real-time protection, especially the latter, which is the anti-malware scanning feature of Microsoft Defender ATP.
- Disable the Windows Defender antivirus components such as IOAV, which handles the detection of suspicious files on the Web.
- Removing security updates and disabling the anti-malware solution
- Disable behavior monitoring that works with real-time protection to analyze and determine if active processes are behaving suspiciously or maliciously and blocking them.
- Disable Cloud Protection, which uses Microsoft's cloud-based prevention and discovery services to block new malware in seconds.
If you upgrade your version of Windows 10 and the protection provided by the cloud is enabled, tamper protection will also be enabled.
Anti-fraud protection is a registration feature that is managed from the Intune Management Console for E5 enterprise customers, meaning that even local device administrators can not change the setting.
Note: Microsoft has not changed the way the Windows Security application saves third-party antivirus solutions.
How to enable tamper protection in Windows 10
If you do not want to wait for Microsoft to deploy the anti-tampering feature, you can manually enable it on your Windows 10 device by following these steps:
Step 1: Click Start and select Settings.
2nd step: Click Updates and Security.
Step 3: In the left pane, click Windows Security.
Step 4: Then, click Virus and Threat Protection.
Step 5: Under the Virus and Threat Protection settings, click Manage Settings.
Step 6: Scroll through the list and locate the tamper protection and enable the switch if it is disabled.
Note: In the Insider Build version of Windows 10, the Anti-tampering feature is enabled. So, most likely, it will also be activated in the final version.
How to use forgery protection with third-party security software
If third-party security software is installed on your Windows 10-based device, Microsoft will disable Windows Defender Antivirus and register your current tool as an antivirus provider.
This means that the anti-sabotage protection will be disabled, as well as other features. Fortunately, you can enable tamper protection even with a third-party antivirus in place by following these steps.
Step 1: Open Settings> Update & Security> Windows Security> Virus and Threat Protection. Here you will see your current antivirus software.
2nd step: Click on the Windows Defender Antivirus options.
Step 3: Toggle the flip-flop that asks if you want to enable periodic scans with the Windows Defender Antivirus. This will give you access to Tamper Protection and all other Windows Security settings.
Step 4: Switch the tamper switch to On.
Eliminate pesky malware (and people)
Microsoft may have created the anti-forgery feature for enterprise environments, but individual users can still benefit from higher levels of protection. However, for the moment, it is not easy to judge the effectiveness of the protective device. Likewise, it is available only on Windows 10 1903 or later, but Microsoft will soon bring it to older versions. In the meantime, we are waiting to see how effective this will be.
Then: Windows 10 includes several security features and you need to enhance the security of your computer. See the next article on Windows Defender Exploit Guard and its additional intrusion prevention features.