Windows 10 1903: Windows Defender Antivirus gets Tamper Protection feature

Martin Brinkmann
Dec 19, 2018
Updated • Mar 28, 2019
Windows, Windows 10

Microsoft released a new preview build of the upcoming first feature update of 2019 for Windows 10; the new build, the last for this year according to Microsoft, introduced a number of interesting new features and changes to the operating system.

We covered Windows Sandbox, a new sandboxing feature, earlier today already. It is integrated in all Pro and Enterprise editions of Windows 10 and can be used without installation of virtual machine images or third-party software.

Another new security related feature protects Windows Defender Antivirus from tampering.

Tamper Protection

tamper protection windows 10

Tamper Protection's description provides some insight on what it does:

Prevents others from tampering with important security features.

The feature itself lacks additional information, but Microsoft revealed additional tidbits on the Windows Experience blog:

Tamper Protection is a new setting from Windows Defender Antivirus, available in the Windows Security app, which when on, provides additional protections against changes to key security features, including limiting changes which are not made directly through the Windows Security app.

Tamper Protection prevents certain changes to security features to avoid misuse. Malicious applications could change security settings but with tamper protection in place, these setting changes should be blocked by Tamper Protection.

Microsoft reveals little else: we know just one scenario where changes are blocked if Tamper Protection is enabled but there are more.

How to enable or disable Tamper Protection

  1. Use the shortcut Windows-I to open the Settings application.
  2. Go to Windows Security > Virus & Threat Protection > Virus & Threat Protection Settings > Manage Settings.
  3. Toggle Tamper Protection on or off.

The feature was turned on in the Insider Build version of Windows 10 the feature launched in. It is likely that it will be enabled in the release version as well.

Disabling may be useful if you use third-party software such as Configure Defender which may be blocked from making changes to Windows Defender after you upgrade Windows 10 the 2019 feature update for Windows 10.

The following Registry key determines whether the feature is enabled or disabled:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Features
    • 0: Tamper Protection is disabled.
    • 1: Tamper Protection is enabled.

Closing Words

The lack of information makes it difficult to judge how effective the new protective feature is. It remains to be seen how effective the new protective feature is.

Tampering Protection did not prevent any of the changes that I made using Configure Defender.

Now You: Which security solution do you use on Windows? Does it have tamper protection?

Windows 10 1903: Windows Defender Antivirus gets Tamper Protection feature
Article Name
Windows 10 1903: Windows Defender Antivirus gets Tamper Protection feature
Tamper Protection is a new security feature of Windows Defender Antivirus that Microsoft plans to launch in the first 2019 feature update for Windows 10.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. suse said on November 5, 2019 at 10:43 pm

    In Windows 10 ver 1903, Tamper Protection can not be changes, please assist me, thanks

  2. suse said on November 5, 2019 at 10:40 pm

    In Windows 10 ver 1903, Tamper Protection can not be changes

  3. Squuiid said on July 14, 2019 at 11:11 am

    “1: Tamper Protection is enabled.”

    This should be 5 not 1.

  4. David F said on May 26, 2019 at 9:16 pm

    Didn’t stop mine turning off. It got disabled by a trojan in march 2019…….had to re-install windows to turn it back on!

  5. John IL said on May 23, 2019 at 11:19 pm

    Noticed on my clean install of 1903 that it was off. Was that because I used a Local account and no password? I turned it on in settings and seemed to stay on..

    1. Martin said on June 19, 2019 at 3:51 am

      Same here, local account and no password at creation (set it later to avoid the security questions BS) and it was also off by default.

      I actually found this post because I looked it up after reading that it “is on by default” (which it isn’t).

  6. asd said on December 20, 2018 at 4:42 pm

    if Tamper Protection means not every app being able to easily add anything to the Windows Firewall, I am all for it. otherwise it is probably just more headache when you want to use apps like Shutup10 to disable crap.

  7. 11r20 said on December 20, 2018 at 5:27 am

    The U.S. Homegrown Microshyyt Chicom Maoist’s don’t want anyone tampering with anything…They prefer to “Baffle the Rubes with BS” as a Sales Model…and a Tamper Proof Huawei styled product with State Sanctioned Back Doors is just what the their globalist
    Masta’s of Disasta want…

    Screw WinBlows10…Use a locked down Win7

  8. Anonee said on December 19, 2018 at 10:33 pm

    Good that they added tamper protection but it’s pathetic that it didn’t already have tamper protection all this time. Haven’t other AV’s offered tamper protection for like a decade or more now?
    Then again, it’s also pathetic that you have to still use an AV with Windows, whereas my Mac and Linux installs require none and are built on a better, modular, UNIX design which is inherently more secure.

    1. Doc said on December 22, 2018 at 2:38 am

      Really? There’s no Mac malware?

      Oh, right, that’s a falsehood:

      A Mac APT (Advanced Persistent Threat, more or less a rootkit) went undetected for **four months.**

  9. Yuliya said on December 19, 2018 at 10:05 pm

    I use my brain. Idk if it has tamper protection though, it starts acting funny after a couple of drinks :S

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.