Windows Security is built-in to Windows 11 and includes an antivirus program called Microsoft Defender Antivirus. Your device will be actively protected from the moment you start Windows 11. Windows Security continually scans for malware (malicious software), viruses, and security threats. In addition to this real-time protection, updates are downloaded automatically to help keep your device safe and protect it from threats.
Windows Security is your home to view and manage the security and health of your device.
The Windows Security notification icon shows on the taskbar system tray by default.
This tutorial will show you how to add or remove the Windows Security notification icon on the taskbar for your account or all users in Windows 11.
The Protection History page in the Windows Security app is where you can go to view recommendations and actions that Microsoft Defender Antivirus has taken on your behalf, Potentially Unwanted Apps that have been removed, or key services (ex: SmartScreen) that are turned off.
Protection History only retains events for 15 days by default, after which they will automatically be cleared from history.
This tutorial will show you how to manually clear Windows Security protection history in Windows 10 and Windows 11.
The Protection History page in the Windows Security app is where you can go to view recommendations and actions that Microsoft Defender Antivirus has taken on your behalf, Potentially Unwanted Apps that have been removed, or key services (ex: SmartScreen) that are turned off.
Protection History only retains events for 15 days by default, after which they will automatically be cleared from history.
You can change the number of days to keep items in the scan history folder. After this time, Microsoft Defender removes the items. If you specify a value of zero, Microsoft Defender does not remove items.
This tutorial will show you how to change how many days to automatically clear Windows Security protection history in Windows 10 and Windows 11.
The Protection History page in the Windows Security app is where you can go to view recommendations and actions that Microsoft Defender Antivirus has taken on your behalf, Potentially Unwanted Apps that have been removed, or key services (ex: SmartScreen) that are turned off.
Protection History only retains events for 15 days by default, after which they will automatically be cleared from history.
This tutorial will show you how to view the protection history of Microsoft Defender Antivirus in Windows Security in Windows 11.
Windows Security is built-in to Windows 11 and includes an antivirus program called Microsoft Defender Antivirus. Your device will be actively protected from the moment you start Windows 11. Windows Security continually scans for malware (malicious software), viruses, and security threats. In addition to this real-time protection, updates are downloaded automatically to help keep your device safe and protect it from threats.
Windows Security is your home to view and manage the security and health of your device.
If Windows Security is crashing or not opening, you can reset the Windows Security app to hopefully fix it.
This tutorial will show you how to reset the Windows Security app for your account or all users in Windows 11.
To help you keep your device secure, Windows Security monitors your device for security issues and provides a health report, which appears on the Device performance & health page. The Health report alerts you to common issues in four key areas and offers recommendations to remedy them.
The Health report starts off by showing you the last time a Device Health scan was run. The time displayed should be basically the current time, as Windows Security tries to run a Device Health scan when you open the Device performance & health page.
Beyond the time of last scan you’ll see the status of the key areas that Device Health monitors:
This tutorial will show you how to check your device performance and health report in Windows 11.
Core isolation is a security feature of Microsoft Windows that protects important core processes of Windows from malicious software by isolating them in memory. It does this by running those core processes in a virtualized environment.
Memory integrity, also known as Hypervisor-protected Code Integrity (HVCI) is a Windows security feature that makes it difficult for malicious programs to use low-level drivers to hijack your computer.
A driver is a piece of software that lets the operating system (Windows in this case) and a device (like a keyboard or a webcam, for two examples) talk to each other. When the device wants Windows to do something it uses the driver to send that request.
Memory integrity works by creating an isolated environment using hardware virtualization.
In most cases memory integrity is on by default in Windows 11.
This tutorial will show you how to turn on or off core isolation memory integrity in Windows 11.
Microsoft Defender Antivirus is an antivirus software that is included in Windows 11 and can help protect your device from viruses, malware, and other threats.
Cloud protection works together with Microsoft Defender Antivirus to deliver accurate, real-time, and intelligent protection. Microsoft Defender Antivirus works seamlessly with Microsoft cloud services. These cloud protection services, also referred to as Microsoft Advanced Protection Service (MAPS), enhance standard real-time protection. With cloud protection, next-generation technologies provide rapid identification of new threats, sometimes even before a single endpoint is infected.
This tutorial will show you how to enable or disable Cloud-delivered protection for Microsoft Defender Antivirus in Windows 11.
Microsoft Defender Antivirus is an antivirus software that is included in Windows 11 and can help protect your device from viruses, malware, and other threats.
Real-time protection consists of always-on scanning with file and process behavior monitoring and heuristics. When real-time protection is on, Microsoft Defender Antivirus detects malware and potentially unwanted software that attempts to install itself or run on your device, and prompts you to take action on malware detections.
While real-time protection is off, files you open or download won’t be scanned for threats.
This tutorial will show you how to enable or disable real-time protection for Microsoft Defender Antivirus in Windows 11.
Limited periodic scanning is a special type of threat detection and remediation that can be enabled when you have installed another antivirus product on a Windows 10 or Windows 11 device.
This feature only uses a limited subset of the Microsoft Defender Antivirus capabilities to detect malware, and will not be able to detect most malware and potentially unwanted software. Also, management and reporting capabilities will be limited. Microsoft recommends enterprises choose their primary antivirus solution and use it exclusively.
By default, Microsoft Defender Antivirus will enable itself on a Windows 10 or a Windows 11 device if there is no other antivirus product installed, or if the other product is out-of-date, expired, or not working correctly.
If Microsoft Defender Antivirus is enabled, the usual options will appear to configure it on that device.
If another antivirus product is installed, registered, and working correctly, Microsoft Defender Antivirus will disable itself. The Windows Security app will change the Virus & threat protection section to show status about the AV product, and provide a link to the product’s configuration options.
Underneath any third party AV products, a new link will appear as Microsoft Defender Antivirus options. Clicking this link will expand to show the toggle that enables limited periodic scanning. Note that the limited periodic option is a toggle to enable or disable periodic scanning.
Sliding the switch to On will show the standard Microsoft Defender AV options underneath the third party AV product. The limited periodic scanning option will appear at the bottom of the page.
This tutorial will show you how to enable or disable Periodic Scanning in Microsoft Defender Antivirus when you have a 3rd party antivirus program installed in Windows 11.
Tamper Protection in Windows Security helps prevent malicious apps from changing important Microsoft Defender Antivirus settings, including real-time protection and cloud-delivered protection. If Tamper Protection is turned on and you’re an administrator on your computer, you can still change these settings in the Windows Security app. However, other apps can’t change these settings.
Tamper Protection doesn’t affect how third-party antivirus apps work or how they register with Windows Security.
Tamper Protection is turned on by default. If you turn off Tamper Protection, you will see a yellow warning in the Windows Security app under Virus & threat protection.
This tutorial will show you how to turn on or off Tamper Protection for Microsoft Defender Antivirus settings in Windows 11.
Windows Security is built-in to Windows 11 and includes an antirvirus program called Microsoft Defender Antivirus. Your device will be actively protected from the moment you start Windows 11. Windows Security continually scans for malware (malicious software), viruses, and security threats. In addition to this real-time protection, updates are downloaded automatically to help keep your device safe and protect it from threats.
Windows Security is your home to view and manage the security and health of your device.
This tutorial will show you different ways to open the Windows Security app in Windows 11.
Windows 10 includes Windows Security, which provides the latest antivirus protection. Your device will be actively protected from the moment you start Windows 10. Windows Security continually scans for malware (malicious software), viruses, and security threats. In addition to this real-time protection, updates are downloaded automatically to help keep your device safe and protect it from threats.
This will show you how to add or remove a Windows Security desktop context menu to make directly opening protection areas in Windows Security easier in Windows 10.
Windows 10 includes Windows Security, which provides the latest antivirus protection. Your device will be actively protected from the moment you start Windows 10. Windows Security continually scans for malware (malicious software), viruses, and security threats. In addition to this real-time protection, updates are downloaded automatically to help keep your device safe and protect it from threats.
If Windows Security is crashing or not opening, you can reset and/or re-register the Windows Security app to hopefully fix it.
This tutorial will show you how to reset and re-register the Windows Security app for your account in Windows 10.
Windows 10 provides the latest antivirus protection with Windows Security. When you start up Windows 10 for the first time, Windows Security is on and actively protecting your device by scanning for malware (malicious software), viruses, and security threats.
Windows Security uses real-time protection to scan your downloads and the programs you run on your device. Also, Windows Update downloads updates for Windows Security automatically to help keep your device safe and protect it from threats.
Virus & threat protection in Windows Security helps you scan for threats on your device. You can also run different types of scans, see the results of your previous virus and threat scans, and get the latest protection offered by Windows Defender Antivirus.
Protection History in Windows Security allows you to view the latest protection actions and recommendations.
Starting with Windows 10 build 18035, the Protection history experience in Windows Security has been completely revamped. The new Protection History experience still shows you detections by Windows Defender Antivirus, but it’s now updated to also give more detailed and easier to understand information about threats and available actions. Microsoft has also added Controlled folder access blocks to history, along with any blocks which are made through organizational configuration of Attack Surface Reduction Rules. If you use the Windows Defender Offline scanning tool, any detections it makes will now also show in your history. Additionally, you will see any pending recommendations (red or yellow states from throughout the app) in the history list.
This tutorial will show you how to view your threat Protection History in Windows Security for the latest threat protection actions and recommendations by Windows Defender Antivirus in Windows 10.
Starting with Windows 10 build 18305, Microsoft introduced Tamper Protection.
Tamper Protection is a new setting from Windows Defender Antivirus, available in the Windows Security app, which when on, provides additional protections against changes to key security features, including limiting changes which are not made directly through the Windows Security app.
This tutorial will show you how to turn on or off Tamper Protection for key Windows Defender Antivirus security features in Windows 10.
Microsoft Edge is a new web browser that is available across the Windows 10 device family. It is designed for Windows 10 to be faster, safer, and compatible with the modern Web.
Microsoft Edge running in Application Guard provides the maximum level of protection from malware and zero day attacks against Windows. Windows Defender Application Guard for Microsoft Edge is a lightweight virtual machine that helps isolate potentially malicious website activity from reaching your operating systems, apps, and data.
There is no persistence of any cookies or local storage when an Application Guard window is closed in Microsoft Edge.
Three core features of Windows Defender Application Guard:
Isolated Browsing – Windows Defender Application Guard uses the latest virtualization technology to help protect your operating system by creating an isolated environment for your Microsoft Edge session.
Help Safeguard your PC – Windows Defender Application Guard starts up every time you visit a non-work-related site to help keep potentially malicious attacks away from your PC.
Malware Removal – Any websites you visit, files you download, or settings you change while in this isolated environment are deleted when you sign out of Windows, wiping out any potential malware.
Starting with Windows 10 build 18277, Microsoft has an additional toggle that lets users manage access to their camera and microphone while browsing using Application Guard for Microsoft Edge.
This tutorial will show you how to turn on or off allowing camera and microphone access while browsing in Windows Defender Application Guard for Microsoft Edge for all users in Windows 10 Pro and Windows 10 Enterprise.
Windows 10 provides the latest antivirus protection with Windows Security. When you start up Windows 10 for the first time, Windows Security is on and actively protecting your device by scanning for malware (malicious software), viruses, and security threats.
Windows Security uses real-time protection to scan your downloads and the programs you run on your device. Also, Windows Update downloads updates for Windows Security automatically to help keep your device safe and protect it from threats.
Virus & threat protection in Windows Security helps you scan for threats on your device. You can also run different types of scans, see the results of your previous virus and threat scans, and get the latest protection offered by Windows Defender Antivirus.
The Current threats area lets you:
This tutorial will show you how to see all current threats that need action in Windows Security for your Windows 10 device.