Microsoft ‘s New Tamper Protection in Defender ATP Lets block never-before seen Malware within Seconds

Microsoft released a new future called Tamper protection in Microsoft Defender ATP to provide next-gen security to their users and block the advanced and never before seen malware within a seconds.

In order to expand the security in Microsoft anti-malware solution, Tamper protection provides an additional security future against improper modification in the apps by sophisticated malware.

Microsoft enabled this future in both home and enterprise users, in this case, Enterprise users directly manage in this future via Microsoft’s
Intune management portal.

Tamper ProtectionTamper Protection

According to Microsoft, This feature builds on our previously announced Windows Defender Antivirus sandboxing capability and expands existing tamper protection strategies across Microsoft Defender Advanced Threat Protection.

Home users can have this future by default when Windows is installed and its automatically turn on when users upgrade the windows or enable the Cloud-delivered protection.

Enterprise customers can enable this future but only be managed from the Intune management console.

In this case, the local device admin users will not be able to change the setting due to the security concern to prevent locally override the setting by malicious apps or threat actors.

“Enabling this feature prevents others (including malicious apps) from changing important protection features such as:

  • Real-time protection, which is the core antimalware scanning feature of Microsoft Defender ATP next-gen protection and should rarely, if ever, be disabled
  • Cloud-delivered protection, which uses our cloud-based detection and prevention services to block never-before seen malware within seconds
  • IOAV, which handles the detection of suspicious files from the Internet
  • Behavior monitoring, which works with real-time protection to analyze and determine if active processes are behaving in a suspicious or malicious way and blocks them.

Users can test this future in any recent Windows Insider build released during March 2019 or later.

Learn: Complete Malware Analysis Course- Advance Malware Analyst Bundle

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Balaji

BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Recent Posts

Critical Apache Parquet Vulnerability Allows Remote Code Execution

A severe vulnerability has been identified in the Apache Parquet Java library, specifically within its parquet-avro module.…

7 minutes ago

Halo ITSM Vulnerability Lets Attackers Inject Malicious SQL Code

A critical security flaw has been discovered in Halo ITSM, an IT support management software widely…

2 hours ago

Australian Pension Funds Hacked: Members Face Financial Losses

Several of Australia’s largest superannuation funds have been targeted in a coordinated cyberattack, leading to…

3 hours ago

Frida Penetration Testing Toolkit Updated with Advanced Threat Monitoring APIs

In a significant update to the popular dynamic instrumentation toolkit Frida, developers have introduced powerful…

3 hours ago

OpenVPN Flaw Allows Attackers Crash Servers and Run Remote Code

OpenVPN, a widely-used open-source virtual private network (VPN) software, has recently patched a security vulnerability…

5 hours ago

Apache Traffic Server Flaw Allows Request Smuggling Attacks

A critical vulnerability has been discovered in Apache Traffic Server (ATS), an open-source caching proxy…

5 hours ago