Tamper Protection: Microsoft has added additional tamper protection to Defender Advanced Threat Protection (ATP) to prevent the practice of some malware to disable antivirus on infected computers.
The new feature can be enabled from within the Windows Security app from a new option called 'Tamper Protection'. 
This feature prevents malware from changing the kernel settings, such as the real-time protection feature, a feature that Microsoft says "should rarely be turned off".
There are many examples of malicious software που προσπαθούν να αποφύγουν την ανίχνευση εξουδετερώνοντας την εφαρμογή ασφαλείας του υπολογιστή, όπως το DoubleAgent malware που εκμεταλλεύεται μια λειτουργία προγραμματιστών των Windows για να απενεργοποιήσει τα λογισμικά Avast, AVG, Avira, Bitdefender, Trend Micro, Comodo, ESET, F- Kaspersky, Malwarebytes, McAfee, Panda και Norton.
Defender ATP tamper protection will also stop any malware which attempts to disable scanning and block services that help protect against zero-day malware. Malware will not be able to delete security updates after enabling the above configuration.
Although Microsoft Defender ATP is a product for businesses, tamper protection will also be available for Windows Home users, and will be enabled by default.
______________
- ASUS does not convince us: they had been warned months ago
- Virus definition update destroys Windows Defender
