What Is Tamper Protection in Windows 10 and How Do You Enable it

Elsie Otachi

Microsoft has introduced a raft of interesting changes and features in Windows 10 this year, the most recent ones coming to Version 1903 or the May 2019 update.

Tamper Protection Featured Image

One of the new items is Tamper Protection, a security feature that’s enabled by default on all Windows 10 devices. We’re going to explain what this new feature does, how it works, and how you can enable it on your computer if it’s not activated already.

What Is Tamper Protection

Tamper Protection is a security feature that’s officially available for Microsoft’s consumer and enterprise customers using the Windows 10 operating system.

If it’s currently disabled on your Windows 10 device, don’t worry; Microsoft will roll-out this change to every Windows 10 user though you’d have to be patient for a few days for it to take effect.

Tamper Protection Windows 10 Computers

Tamper Protection made a debut in version 1903, the feature helps prevent security bypasses in Windows Security and Windows Defender antivirus settings.

That way, no Registry changes, group policies, Windows command line tools, or other programs, including malware, can tamper with the security features.

If you can't wait for Microsoft's multi-stage rollout of the feature, read on to find out how to manually enable it on your computer.

Note: Tamper Protection is available for the free Windows Defender antivirus and Microsoft Defender Advanced Threat Protection (ATP).

How Tamper Protection Works

Tamper Protection prevents malware and other programs or attempts by other people from compromising your device’s important security features.

The Windows Defender antivirus becomes more reliable with the increasing security enhancements included in the operating system. However, there’s a corresponding increase in efforts made to bypass it.

Tamper Protection Windows 10 Tamper Protection Work


Rogue programs and malware try to do this by turning off or reducing its functionality via group policies, PowerShell commands, or Registry changes.

There have been several concerted efforts by Trojans and other malicious programs like TrickBot and GootKit to infiltrate and live within infected computers or bypass their security protections.

By enabling Tamper Protection, such attempts will get reset or ignored altogether. Windows Defender antivirus comes on automatically when you uninstall a third-party antivirus, all the more reason to enable the Tamper Protection feature for added protection.

What Does Tamper Protection Prevent Against

According to Microsoft, enabling Tamper Protection prevents nefarious code and other rogue programs that target your device’s security settings from doing the following:

  • Disable virus, threat, and real-time protection, especially the latter, which is Microsoft Defender ATP's core anti-malware scanning feature.
  • Disable Windows Defender antivirus' components like IOAV, which handles the detection of suspicious files from the web.
  • Deleting security intelligence updates and disabling the anti-malware solution altogether
  • Turn off behavior monitoring that works with real-time protection to analyze and determine whether or not active processes are behaving suspiciously or maliciously and blocks them.
  • Disable cloud-delivered protection, which uses Microsoft's cloud-based prevention and detection services to block new malware in seconds.

If you upgrade your Windows 10 version and cloud-delivered protection is enabled, then Tamper Protection will be enabled too.

For enterprise E5 customers, Tamper Protection is an opt-in feature managed from the Intune management console, which means not even local device admins can change the setting.

Note: Microsoft hasn't changed how the Windows Security app registers third-party antivirus solutions.

How to Enable Tamper Protection in Windows 10

If you don’t want to wait for Microsoft’s roll-out of the Tamper Protection feature, you can enable it manually on your Windows 10 device using these steps:

Step 1: Click Start and select Settings.

Tamper Protection Windows 10 Settings

Step 2: Click Updates and Security.

Tamper Protection Windows 10 Settings Update Security

Step 3: On the left pane, click Windows Security.

Tamper Protection Windows Security

Step 4: Next, click on Virus and Threat Protection.

Tamper Protection Windows Security Virus Threat Protection

Step 5: Under the Virus and Threat Protection settings, click Manage Settings.

Tamper Protection Windows Security Virus Threat Protection Manage Settings

Step 6: Scroll down and locate Tamper Protection and toggle the switch On if it’s off.

Tamper Protection Windows 10 Settings Tamper Protection

Note: In the Insider Build version of Windows 10, the Tamper Protection feature is turned on. So most likely, it’ll be enabled in the release version too.

How to Use Tamper Protection with Third-Party Security Software

If you have third-party security software installed on your Windows 10 device, Microsoft will disable Windows Defender Antivirus, and register your current tool as the antivirus provider.

What this means is that Tamper Protection will be disabled, plus other features. Thankfully though, you can enable Tamper Protection even with a third-party antivirus in place using the steps below.

Step 1: Open Settings>Update & Security>Windows Security>Virus and Threat Protection. Here, you’ll see your current antivirus software.

Tamper Protection Windows Security Virus Threat Protection

Step 2: Click Windows Defender Antivirus options.

Tamper Protection Windows Defender Antivirus Options

Step 3: Switch the toggle that asks if you’d like to enable periodic scanning with Windows Defender antivirus. This way, you’ll get access to Tamper Protection and all the other Window Security settings.

Tamper Protection Windows Defender Antivirus Options Periodic Scanning

Step 4: Toggle the Tamper Protection switch to On.

Tamper Protection Windows 10 Settings Tamper Protection

Keep Pesky Malware (And People) Away

Microsoft may have built the Tamper Protection feature for enterprise environments, but home users can still enjoy the superior protection levels. However, for now, it’s not easy to judge the effectiveness of the protective feature. Similarly, it’s only available to Windows 10 1903 May release or later versions, but Microsoft will port it to older versions shortly. Meanwhile, we wait to see how effective it’ll be.

Next up: Windows 10 packs several security features and you should ramp up the security of your computer. Check out the next article about the Windows Defender Exploit Guard and the extra intrusion prevention capabilities it brings.

Read Next
What is Windows Defender Exploit Guard and How to Enable it on Windows 10
Also See
#antivirus #malware

Join the newsletter

Elsie Otachi

Written By

Elsie Otachi

Elsie is a technology writer whose goal is to help people out with useful solutions to their daily tech issues in a simple, straightforward and unbiased style. When she's not writing or dabbling with gadgets and apps, Elsie loves to binge on her favorite series on Netflix, listen to music, or read a good book.