Microsoft has detailed a new feature for the Windows 10 April 2019 update as it nears its release. Called Tamper Protection, it builds on the functionality of Windows Defender’s sandboxing feature to prevent unwanted changes.
“Tamper protection is a new setting available in the Windows Security app which provides additional protections against changes to key security features, including limiting changes that are not made directly through the app,” said the company.
The feature will prevent other apps from disabling settings like real-time protection, cloud-detection, and behavior monitoring. It will also stop more advanced tactics like the deletion of security updates and malware database definitions.
Anybody who’s run into a serious virus will know these modifications can be a real pain. Attackers often do everything they can to stop users from removing malicious software, blocking security websites and rendering anti-virus solutions useless.
Often, the only choice is to download a USB-based tool on a different PC to run at boot, which isn’t always practical. The addition of Tamper Protection should prevent the need for complex solutions. The feature will be on by default for Windows Home users, but opt-in for enterprise.
Currently, it’s available in preview for Windows Insiders, launching back in December with build 18305. It comes as part of a wider focus on security from Microsoft as the slew of Windows-focused malware and zero-day exploits continue.
As well as Tamper Protection, users will be able to see a history of when access to a protected folder is blocked. This way, they’ll know if an app tried to access sensitive information without their permission.
You can read more detail about Tamper Protection on the TechCommunity blog.