Tamper Protection: Η Microsoft πρόσθεσε επιπλέον προστασία κατά της παραβίασης της εφαρμογής Defender Advanced Threat Protection (ATP) to prevent some malware from disabling antivirus on infected computers.
The new feature can be activated from within the Windows application Security by a new option called 'Tamper Protection'.
This feature prevents malware from changing the kernel settings, such as the real-time protection feature, a feature that Microsoft says "should rarely be turned off".
There are many examples of malware trying to avoid detection by defeating its security implementation computer, όπως το DoubleAgent malware που εκμεταλλεύεται μια λειτουργία προγραμματιστών των Windows για να απενεργοποιήσει τα λογισμικά Avast, AVG, Avira, Bitdefender, Trend Micro, Comfortable, ESET, F-Kaspersky, Malwarebytes, McAfee, Panda and Norton.
Defender ATP tamper protection will also stop any malware which attempts to disable scanning and block services that help protect against zero-day malware. Malware will not be able to delete security updates after enabling the above configuration.
Although Microsoft Defender ATP is a product for businesses, tamper protection will also be available for Windows Home users, and will be enabled by default.
______________
- ASUS does not convince us: they had been warned months ago
- Virus definition update destroys Windows Defender