Karlston Posted August 20, 2020 Share Posted August 20, 2020 Microsoft makes it difficult to disable Windows Defender on Windows 10 Microsoft Defender Antivirus is the default antivirus protection on the company's Windows 10 operating system. If administrators don't install a different antivirus solution, Windows Defender Antivirus is enabled and will protect the system in various ways. Administrators may configure some settings of the program in the Windows 10 Settings application; this includes turning various security feature such as cloud delivered protection, tamper protection, exploit protection or ransomware protection on or off. What administrators cannot do is disable the program entirely using the Settings app. Disabling real-time protection offers a temporary recourse only as it is automatically enabled again by the operating system. Microsoft released an update for the security program earlier this month that introduced two major changes to it. The first made Microsoft Defender Antivirus flag hosts file manipulations as malicious if they contained entries for certain Microsoft servers, mostly Telemetry servers used to submit data from the Windows 10 device to Microsoft. The second change came to light just recently. It appears that Microsoft disabled the Registry key DisableAntiSpyware which administrators could use to disable Microsoft Windows Defender. Most uses should not deactivate Microsoft Defender Antivirus if no other antivirus program is active on the system. In some situations, it may be required to disable the tool: If an installed antivirus solution did not lead to Microsoft Defender Antivirus disabling itself. If the user needs to disable the software because of incompatibilities. If no antivirus software is required. Our colleagues over at Deskmodder note that third-party software such as Defender Control should still work. The equally excellent Configure Defender may work as well. It is unclear at this point in time if the Group Policy options to disable Windows Defender still work. Closing Words Most third-party antivirus solutions come with options to turn off the protection. While not advised, the programs do give users the choice to do so if they choose that option. Are the two changes in the latest version of Microsoft Windows Defender related? Microsoft is tight lipped about the changes and it seems unlikely that it is going to release a public statement about either of these. Microsoft makes it difficult to disable Windows Defender on Windows 10 Link to comment Share on other sites More sharing options...
BimBamSmash Posted August 21, 2020 Share Posted August 21, 2020 12 hours ago, Karlston said: The first made Microsoft Defender Antivirus flag hosts file manipulations as malicious if they contained entries for certain Microsoft servers, mostly Telemetry servers used to submit data from the Windows 10 device to Microsoft. No surprises there, but can anyone confirm the behavior? We are always better off configuring things like that on routers. It's the option that is least likely to "vaporize" with every update, upgrade, or clean installations. Link to comment Share on other sites More sharing options...
Igor Posted August 23, 2020 Share Posted August 23, 2020 Microsoft has blocked the ability to disable Windows 10 antivirus Microsoft has disabled the DisableAntiSpyware registry key that administrators used to force disable the built-in antivirus in Windows 10 - Microsoft Defender Microsoft Defender Antivirus is the standard antivirus protection in Windows 10. If the device administrator does not install a third-party protection solution, Windows Defender remains enabled to help keep your system secure in a variety of ways. System administrators can change some security settings in Windows Security, such as enabling or disabling Cloud Protection, Anti-Counterfeiting Protection, Exploit Protection, Anti-Ransomware, and more. However, disabling the security software completely using the Settings application is not available. Real-time protection can be disabled only for a certain period of time, after which it will be enabled automatically by the operating system. Earlier in August, Microsoft released a security update that brought two major changes. First, Microsoft Defender antivirus began to mark hosts files with Windows 10 telemetry server blocking rules as unsafe. The second change was discovered quite recently. Starting with Microsoft Defender 4.18.2007.8 and later (update KB4052623), Microsoft disabled the DisableAntiSpyware registry key that administrators used to permanently disable Microsoft Defender. When checking, it turned out that now also the Group Policy settings designed to disable Windows Defender and, for example, the third-party solution O&O ShutUp10, do not work. Note that some third-party customization solutions for Microsoft Defender, such as Defender Control (disable Windows Defender) and Configure Defender (manage security components), still work. In most scenarios, you should not turn off Microsoft Defender Antivirus if no other antivirus software is active on the system. However, in some situations it may be necessary to disable the tool, for example: If the installation of a third-party antivirus did not disable Microsoft Defender. If the antivirus needs to be disabled due to compatibility issues. If antivirus protection is not required. Most third-party antivirus solutions allow you to disable protection. Of course, this manipulation is not recommended, but at least the user should have a choice. https://www.comss.ru/page.php?id=7874 Link to comment Share on other sites More sharing options...
Karlston Posted August 23, 2020 Author Share Posted August 23, 2020 Similar topics merged. Link to comment Share on other sites More sharing options...
3175x175(CURRENT).thumb.jpg.b05acc060982b36f5891ba728e6d953c.jpg)
Recommended Posts
Archived
This topic is now archived and is closed to further replies.