Microsoft adds supports for tamper protection in Defender ATP

The feature prevents threat actors from modifying security settings on Windows 10 device

Microsoft has added support for tamper protection in Microsoft Defender ATP (MDATP) Threat & Vulnerability Management to help organisations get additional information on exposed machines.

The Tamper protection feature was first added to MDATP for enterprise customers in March 2019. The security feature prevents threat actors from altering or disabling security settings that are designed to stop them from infiltrating networks.

It was previously available only in Version 1903 of Window 10 operating system, but it is now available in 1709, 1803, 1809, 1903, and 1909 versions.

When enabled on a Windows 10 device, it will automatically block any attempt by malware operators to change Windows Defender or Windows Security settings and to bypass built-in security protection in the operating system.

"We are happy to announce that tamper protection is now supported in Microsoft Defender ATP Threat & Vulnerability Management to help raise your organisation's security posture," wrote Shweta Jha of Microsoft Defender ATP team in a blog post.

"This provides security teams greater visibility into how many machines don't have this feature turned on, the ability to monitor changes over time, and a process to turn on the feature," she added.

For Home users, the Tamper Protection feature can be turned on or off via the "Virus & threat protection" tab available in Windows Security settings area.

Enterprise users, however, can also centrally manage the feature through the Intune management portal.

On Wednesday, Microsoft also rolled out a new feature in Windows 10 that will enable users to choose what optional drivers and non-security updates they wish to install on their system.

Last year, many users criticised Microsoft for pushing a number of flawed drivers via Windows Update, which eventually affected the installation of major feature updates.

The company then decided to introduce a feature that would give users control over whether to install the feature updates.

Windows Update section will now offer a link titled "View optional updates" to let users access the new Optional updates interface. Once clicked, the link will show a list of optional drivers for keyboard, mouse, processor, graphics and other devices, as well as updates that users can install if they wish.

As part of the changes, Microsoft will allow hardware developers to label their drivers as "Manual" or "Automatic" to indicate how they should be offered to Windows users.

Drivers set to "Automatic" will be automatically installed on applicable systems.

"We believe that this new effort will enable our collective customers to get the highest quality, and most reliable drivers faster and with less friction," Microsoft said.