Windows Defender is the default antivirus that is included in Windows 10. Thanks to it we can have a basic security layer on our computer when connecting to the Internet. Thus, we can be protected from all kinds of threats (viruses, Trojans, computer attacks, etc.). However, if we are one of those who like to configure and customize the configuration of the programs, we must be careful, since, if we modify what we must not, we may be reducing security, and endangering the security of our PC.
Windows Defender is configured by default so that, except for users who want to have more complete security (and know what they are doing) they do not have to do anything. However, many of the critical options of this program are too visible, and if we are not careful we can end up jeopardizing our security.
These are the Windows antivirus options that we should never modify.
Windows Defender real-time protection
The first basic shield that Windows Defender offers us is its antivirus protection module . This is the one that is responsible for analyzing our PC in real time and detecting any possible threat before it can be loaded into memory. This shield has two options. The first one, real-time protection, and the second, cloud-based protection. The latter is what allows us to receive virus data from the cloud to protect us from the latest threats.
To be safe we must make sure that both options are activated.
Protection against tampering
What this protection shield does is prevent other users, or malicious programs, from changing Windows security settings . Thanks to this layer of protection, only the administrator of the computer will be able to change the protection options of this security software. It even gives us a layer of protection against exploits so that the antivirus cannot even be deactivated through a possible failure.
This option, like the previous one, must always be activated.
Core insulation
One of the most advanced protection shields that we can find in Windows Defender is core isolation. This shield provides us with comprehensive protection for the Windows Kernel so that no malicious program (a virus, an exploit, etc.) can inject dangerous code into high-security processes.
If our computer allows it, it is advisable to activate this security measure to be safe. However, it depends on the drivers that we have installed, and it is very possible that one of them is not compatible with this function (because it does not have a Microsoft signature) and, therefore, we will not be able to enable it.
Beware of Windows Defender Ransomware Protection
Windows Defender can protect us against ransomware in two ways. The first one is by detecting malware with its antivirus engine before it runs on the PC, and the second by controlling access to certain folders on the system.
The second way is disabled by default for a reason: any change in the folder will detect it as a threat, whether it comes from a ransomware or a legitimate program. Even we will be threats to the system. Therefore, we must be very careful when activating and configuring this function, since it may even happen that, by not being able to save data in the protected folders, we lose important information.
It is best to leave this option at its default value, that is, disabled. And if we activate it, that we know very well what we are doing.
