WARNING: This content has been developed for intermediate to advanced Windows computer users. Following these instructions will likely prevent some applications on your computer from functioning as expected. If you are not comfortable with this or unsure about your technical skills, we recommend that you do not try to follow these instructions.
Windows Defender (also known as Microsoft Defender) has come with the Microsoft Windows package for many years. It was not particularly good at blocking malware. In recent years, however, it became possible to make Windows Defender much more secure by turning on some of the features that many regular users do not know about. Configured in this way, Windows Defender outperforms most well-established antivirus platforms.
This article will guide you through enabling these features. Please bear in mind that Windows does not enable these features by default out of a fear that it will interfere with application compatibility. If you enable these features, some applications may not operate correctly. Thankfully, restoring Windows Defender to “normal” operation is just as easy as it is to lock it down. Directions on how to do that will also be provided here.
Operating system requirements
- Windows 10 Professional or Enterprise version 1709 or later. You can find which version of Windows you have by selecting the Start button > Settings > System > About. Under Windows specifications, you can check which edition and version of Windows your device is running.
- If you are using Windows 10 Home, these directions will not help you. In this case, you should secure your machine by purchasing a reliable third-party antivirus software.
- Many of these settings will not work if your Windows computer is part of a domain and your system administrator has put alternative settings in place.
Securing Microsoft Defender
- Download Configure Defender or inspect its source code here. This utility is simply a graphical user interface (GUI) that makes it easier to secure Windows Defender.
- Once downloaded, simply double-click the tool. You can select whatever security settings you like, but for maximum protection, we recommend clicking High and then modifying the options to match the screenshots below. These settings provide a good overall balance between security and the inconvenience that the settings may cause you.
- The settings selected (beyond High) are: Block credential stealing from the Windows local security authority subsystem (lsass.exe) – ON
- Block process creations originating from PSExec and WMI commands – ON
Controlled Folder Access – ON
- After you have made these changes, click Close and reboot your computer.
Undoing Windows Defender antivirus settings
If, after making changes described above, you cannot open some applications, you can always return Windows Defender to original settings by opening the Configure Defender tool again, clicking Default and then Close. You should reboot your computer for this change to take effect.