Windows Defender is the default antimalware security software that comes built into Windows 10. It protects your system in real-time against all sorts of security threats such as viruses, worms, rootkits, spyware, and even ransomware.
Windows Defender continues to improve with each major update of Windows 10. If you’re running Windows 10 Creators Update (Version 1703) check out our article on the new Windows Defender Security Center. It makes it easier for you to view and control the security protections on your Windows 10 device.
While Windows Defender does a pretty good job with the default settings, nothing is 100 percent effective, and it doesn’t hurt to amp it up when it comes to changing cloud-level protections. Selecting a higher level of protection makes Windows Defender more proactive in scanning and detecting suspicious files.
Note: This article is geared toward power users and experienced users who might manage a small production environment. Windows 10 version 1703 or higher is required. You’ll be joining your Windows 10 device to the Microsoft Active Protection Service (MAPS). It’s an online community that collects pieces of data about threats detected on your system. Through the collection of telemetry and sometimes personal data from your device, it provides early detection of vulnerabilities and helps stop the spread of new malware infections. Microsoft states that all collected data is treated with confidentiality. If you have questions about it, check out Microsoft’s Privacy Statement.
Join Microsoft MAPS via Group Policy
These initial steps require using Group Policy which isn’t available in the Home versions of Windows 10. Use the keyboard shortcut Windows Key + R to bring up the Run dialog and type: gpedit.msc and hit Enter or click OK.
Next, navigate to the following location:
Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus > MAPS
Double-click Join Microsoft MAPS located in the right-panel.
Select Enabled and under Options select Advanced MAPS from the drop-down and click OK.
Increase the Cloud Protection Level
Now that you have enrolled your Windows 10 device in the MAPS program you can change the cloud protection level of Windows Defender. Continuing in Group Policy head to the following path:
Computer Configuration > Administrative Templates > Windows Components > Windows Defender Antivirus > MpEngine
Then double-click Select cloud protection level in the right panel.
Select Enabled and under the Options section select High blocking level from the drop-down menu and click OK to close out of Group Policy.
Note: By selecting the high-level option, it forces Windows Defender to block and scan files more frequently. While this improves security, it can also lead to false positives on files you know are safe (especially ones that change system settings). However, you can easily unblock those files as you go along. It’s a bit more work, but no one ever said security is easy.
If you’re running a PC with Windows 10 Home and would like to increase the Defender level you can. However, it means you’ll need to go into the Registry and make modifications. If you’re an average consumer, chances are you aren’t looking at going through all of the work and risks.
If you do want to know the instructions to increase the Windows Defender cloud blocking level for Windows 10 Home, leave a comment below and I can post the steps in our Windows 10 Forums.