Disable Tempar Protection Defender for Endpoint

This Microsoft Defender for Endpoint post will show how to turn off tamper protection on Windows machines.

Microsoft Defender for Endpoint (MDE) tamper protection protects multiple security settings on Windows machines and prevents end users from disabling them.

Tamper protection prevents bad actors during a cyber attack from turning off security features like Anti-Virus, real-time scans and more.

When tamper protection is on, the following message is displayed next to protected security features.

Disabling tamper protection is not recommended; however, in some cases, it is needed, and this post will show you how.

Disabling tamper protection is possible using two methods: Defender for Endpoint or Microsoft Intune. In the post, I will show both options.

Disable Tamper Protection Using MDE

To turn off tamper protection, Open the MDE console

Click on Settings

Click on Endpoints

Click on Advanced Settings

Switch off Tamper Protection

Disable Tamper Protection Using Intune

Create a configuration profiles

Select Templates

Select Endpoint protection

Microsoft Defender Security Center

Set Tamper Protection to Disabled

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.