Microsoft is constantly improving the Windows operating system’s security through policy implementations and hardening the hardware requirements. One security feature has been around since Windows 10: Tamper Protection, which is enabled by default on both Windows 10 and Windows 11 operating systems.
The purpose of this feature is 2-fold. It keeps your system safe from unauthorized changes to Windows Security configurations. However, when enabled, even an administrative user is unable to make changes from outside the Windows Security app.
Sometimes someone may need to make security changes to the system using a third-party app. However, Tamper Protection blocks any changes. An external app or program may also not be able to make changes to Windows Security settings from the Group Policy, Command Prompt, or even the Windows Registries.
This article discusses what Tamper Protection is, why it is important for your computer, and how to disable it when needed.
What is Tamper Protection
Tamper Protection is a Windows Security (formerly known as Microsoft Defender Antivirus) feature. When enabled, this feature blocks malicious and third-party applications from making unauthorized changes to Windows Security settings and configurations.
Exploits and trojan horses increase the attack surface by reducing your system’s security by making changes to the current security settings. If Tamper Protection is disabled, viruses can take control of the app or its respective Group Policy or Windows Registry settings and make unauthorized changes, making your system vulnerable to other threats.
However, if it is enabled, any malicious app or virus would be unable to make these changes.
That said, with Tamper Protection enabled, administrators can still make changes to the Windows Security settings from the app. Moreover, it cannot control how third-party antivirus software interoperates with the Windows Security app.
Now that we understand how useful this feature is, let’s continue to see how to disable Tamper Protection when needed.
Disable Windows Security Tamper Protection
Follow the steps given below to disable Tamper Protection:
Note: Disabling Tamper Protection will put your computer to risk from malicious apps and exploits. Therefore, it is recommended that you do not disable it. If you absolutely must, then we recommend that you re-enable it once you are done with your task(s).
Navigate to the following:
Settings app >> Privacy & security >> Windows Security >> Virus & threat protection
Here, click Manage Settings under Virus & threat protection settings.
Now scroll down and toggle the slider under Tamper Protection into the Off position.
Tamper Protection will now be disabled and you may continue to perform the task that was required.
Once you are done, we recommend that you re-enable Tamper Protection simply by toggling the same slider into the Ok position.
Check Tamper Protection Status
Before making the hassle of going through so many Settings pages, you can check your Tamper Protection status through Windows PowerShell.
Run the following cmdlet in an elevated PowerShell:
Here, check the status of “IsTamperProtected.” If it says “True,” then it means that it is enabled. If it states “false,” it means that Tamper Protection is disabled.
Tamper Protection blocks applications from making changes to Windows Security settings from within the app, as well as through other means, like enforcing Group Policies and direct changes through Windows Registry. It ensures that no unauthorized changes are made.
However, one may need to disable the feature to make such changes deliberately. For example, a developer may need certain Windows Security settings to be changed for their app to work, or an enterprise user may need to disable Tamper Protection to allow certain in-house apps to make the necessary changes.
Whatever the reason, we always recommend that you keep your guard up at all times, and therefore enable Tamper Protection when the task(s) is completed.