For computer security, Windows 10 offers several built-in security tools that are active by default. Among these we have the control or protection from downloaded files (it is called Smartscreen filter), then there is the Firewall and the Windows Defender antivirus.
With the 1703 Creators Update of April 2017, all these internal system security tools have been grouped into a single set of configurations called Windows Defender Security Center where you can configure the various options and correct any problems that can put you at risk the data on the PC.
The most important part of the security center is, of course, Windows Defender antivirus, which in Windows 10 has greatly improved compared to past versions, which offers cloud and offline protection and above all that can be enhanced.
If you are not using another antivirus on your Windows 10 PC updated with Creators Update, you can increase the protection level of Windows Defender by changing a hidden option .
You can increase the level of protection in Windows 10 Pro or Enterprise by using the option in the local group policy editor.
Then open the editor using the Start menu and looking for gpedit.msc and modify the following two options :
1) Open the following path from the local computer policy :
Computer Configuration> Administrative Templates> Windows Components> Windows Defender Antivirus> MAPS
On the right side, double-click Join Microsoft MAPS .
Activate the option and, in the same screen at the bottom, under Options, change where it is written Join Microsoft Maps from disabled to basic MPS or advanced MAPS (they are the same thing).
Click Apply and then OK.
NOTE: Microsoft MAPS is a program that allows the Microsoft company to collect information about threats detected on the system so that it can create new security updates.
Personal information may also be collected among this information, although Microsoft ensures that it will never be used to identify or contact you.
If you do not wish to grant authorization for this data collection, deactivate MAPS and finish here.
2) Now you can change the cloud protection level of the Windows 10 antivirus.
Still from the local computer policy, go to the following option:
Computer Configuration> Administrative Templates> Windows Components> Windows Defender Antivirus> MpEngine
On the right side, double click on the Select protection level on Cloud option.
From the configuration screen, activate the option and then, at the bottom of the options, change the default Windows Defender Antivirus block level to High block level .
Press Apply and OK.
This high blocking level improves threat detection with stronger protection for your computer especially against threats still unknown.
The only side effect is that false positives can occur more often, that is, virus reports on files that are actually clean.
Obviously, those with some experience, will be able to recognize when it is a false positive and still unlock the legitimate file in order to use it.
To go back, set the two options from Enabled to Not configured .
Alternatively, you can also activate the high protection by editing the registry keys, which is the only way in Windows 10 Home, where there is no group editor tool (although as seen you can install gpedit.msc in Windows 10 Home).
As seen above, there are two options to be modified and, therefore, two registry keys to be configured.
To open the registry, go to the Start menu, search for regedit.exe and run it.
In Windows 10 Creators Update you will notice an address bar at the top of the system registry, so the key paths can be copied from this page and pasted directly into that address bar.
1) Activation of Microsoft MAPS
To become a member of the Microsoft MAPS information collector using the registry, do the following:
Then go to the key:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows Defender
Then press the right mouse button on the empty space in the center of the screen, select New and then press on Key.
On the left side a new folder will be added to which Spynet should be named.
Now select Spynet and inside, press the right mouse button to make New> DWORD value (32-bit) .
Name the key SpyNetReporting and press Enter.
Double click on and SpyNetReporting and change the value from 0 to 2.
2) Raise the cloud protection level of the antivirus
Once participation in Microsoft MAPS is enabled, you can configure the " high blocking level " for Windows Defender.
Still from the registry, go to the following path
HKEY_LOCAL_MACHINE \ Software \ Policies \ Microsoft \ Windows Defender
Right click on the Windows Defender folder on the left column, select New> Key.
Right click on the new key to rename it and give it the name MPEngine
Select MPEngine and in the center of the screen, press the right mouse button, go to New and create a new DWORD (32-bit) value.
This time the name must be MpCloudBlockLevel .
Click twice on MpCloudBlockLevel and change the value from 0 to 2.
To go back and cancel everything, you can delete the created Spynet key.
The addition of high protection in Windows 10 can certainly be recommended, although we must not forget the possibility of more frequent cases of false positives and, above all, the fact that they will send data to Microsoft, including sample files.
While we are there, since we created the MPEngine folder on the registry, it is also worth activating protection from unnecessary malicious programs in Windows Defender .
