Microsoft stirred controversy when it recently said Windows 10 users are no longer able to disable the Windows Defender suite. Microsoft did not originally say why it was stopping the ability to disable the native anti-virus tool.
After many complaints, Microsoft has now offered a reason for the decision.
The situation started when the company sent out Windows 10 security update 4.18.2007.8 last month. This update came with a significant change. Namely, Microsoft decided to kill the “DisableAntiSpyware” Registry value.
This was important because the value was a gate for users to disable Microsoft Defender (previously Windows Defender) permanently. For some users, this was a problem but as we explain in a tutorial, there are several ways to disable Windows Defender on Windows 10.
Microsoft now says it removed the ability to disable the service through the Registry because of a built-in tool that has always been available. Specifically, Microsoft Defender has a feature where it turns off automatically when it detects a third-party antivirus install.
Automatic Turn Off
For Microsoft, the company says it makes little sense to have a disable option when the program does it itself:
“The impact of the DisableAntiSpyware removal is limited to Windows 10 versions prior to 1903 using Microsoft Defender Antivirus. This change does not impact third party antivirus connections to the Windows Security app. Those will still work as expected,” Microsoft says.
Microsoft also says the removal of the Registry path will also make the Tamper Protection feature safer.
This is a Defender ability that stops bad actors changing Windows Defender from outside. Microsoft points out some malware attacks could bypass Tamper Protection by exploiting “DisableAntiSpyware”.