10/14/19 M$ Announces "Tamper Protection" Enabled by Default

perceivedelusion · Oct 15, 2019

You need to login to view this posts content.

SlowTech · Oct 15, 2019

Hopefully that'll help protect us against some of the new variants of Ransomware that have sprung up in the past few years

Enthousiast · Oct 15, 2019

For all my installs it always was enabled by default. And if not instantly after the os installed, the next defender platform update enabled it.

perceivedelusion · Oct 15, 2019

at SlowTech,
You ever use CryptoPrevent or set Permissions through Group Policy Editor to combat RansomWare?
CP is much easier. MalwareBytes and other apps do the same thing that CP has been doing all along.

archangeliques · Oct 16, 2019

Enthousiast said: ↑

For all my installs it always was enabled by default. And if not instantly after the os installed, the next defender platform update enabled it.
Click to expand...

Any negative effect on KMS_VL_ALL or variants?

Enthousiast · Oct 16, 2019

archangeliques said: ↑

Any negative effect on KMS_VL_ALL or variants?
Click to expand...

No

murphy78 · Oct 17, 2019

First saw this on 1903 build though it's possible they put it in a previous non-ga build. This tamper protection is done by the defender service itself and is a pain in the ass to disable. IIRC you gotta go into the defender settings to temporarily disable it before changing your boot options to stop loading the defender service.

sebus · Oct 20, 2019

That is going to be a bugger to manage for Enterprise...

perceivedelusion · Oct 22, 2019

I hope not
but then they say, wish in one hand ...

10/14/19 M$ Announces "Tamper Protection" Enabled by Default

perceivedelusion MDL Member

SlowTech MDL Novice

Enthousiast MDL Tester

perceivedelusion MDL Member

archangeliques MDL Member

Enthousiast MDL Tester

murphy78 MDL DISM Enthusiast

sebus MDL Guru

perceivedelusion MDL Member