This Microsoft Defender for Endpoint post will show how to turn off tamper protection on Windows machines.
Microsoft Defender for Endpoint (MDE) tamper protection protects multiple security settings on Windows machines and prevents end users from disabling them.
Tamper protection prevents bad actors during a cyber attack from turning off security features like Anti-Virus, real-time scans and more.
When tamper protection is on, the following message is displayed next to protected security features.
Disabling tamper protection is not recommended; however, in some cases, it is needed, and this post will show you how.
Disabling tamper protection is possible using two methods: Defender for Endpoint or Microsoft Intune. In the post, I will show both options.
Disable Tamper Protection Using MDE
To turn off tamper protection, Open the MDE console
Click on Settings
Click on Endpoints
Click on Advanced Settings
Switch off Tamper Protection
Disable Tamper Protection Using Intune
Create a configuration profiles
Select Endpoint protection
Microsoft Defender Security Center
Set Tamper Protection to Disabled