Windows security: Microsoft Defender AV can now stop malware from disabling it

[silversurfer]

Microsoft has added tamper protection to its antivirus product Microsoft Defender Advanced Threat Protection (ATP) to prevent the common malware tactic of disabling antivirus on infected PCs. 

The new feature can be enabled from within the Windows Security app under a new toggle simply called 'Tamper Protection'. 
 
The feature stops malware from changing core settings such as real-time protection, a feature that Microsoft says "should rarely, if ever, be disabled". 

The Defender ATP tamper protection also stops malware from disabling Microsoft's cloud-based malware detection and preventing services that help block zero-day malware, as well as a feature to detect dodgy files from the internet. And malware will not be able to delete security intelligence updates once the setting has been enabled. 
 
While Microsoft Defender ATP is an enterprise product, tamper protection will be available to Windows home users and it will be enabled by default.

SOURCE: https://www.zdnet.com/article/windows-se...abling-it/