Microsoft Defender will mark it as malicious and display "critical" warnings.
The file Hosts can be modified using any word processor, but the editing application should start with administrator privileges. The file hosts is in a system folder, so applications without administrator privileges will not be able to save it.
The file Hosts consists of lines of text. Each row must include an IP address in the first column followed by one or more hostnames. The text columns are separated by a space.
Lines starting with the # character are not read by the operating system.
So if you put Microsoft servers in the file HOSTS and you send them to the internal address 127.0.0.1, you will stop the operating system from accessing the real servers.
So there comes Microsoft Defender which prevents you from saving this file and will show you the following dialog.
Note: SettingsModifier: Win32 / HostsFileHijack is a new, proprietary category for the modified file. Microsoft seems to have recently updated Microsoft Defender definitions to track when their servers are added to the file HOSTS.
According to BleepingComputer, the following entries in HOSTS will enable detection:
If you decide to clear this "threat" with Microsoft Defender, the company will restore the file HOSTS in its default contents.
The modification of the file HOSTS it's not a good idea anyway especially if it is done in an inappropriate way or has been done by malware.
However, for users who really know what they are doing, it is a great way to leave less control of their operating system in the hands of Microsoft, while protecting their privacy.