Virus and threat protection
The Virus & threat protection section contains information and settings for antivirus protection from Microsoft Defender Antivirus and third-party AV products.
In Windows 10, version 1803, this section also contains information and settings for ransomware protection and recovery. These settings include Controlled folder access settings to prevent unknown apps from changing files in protected folders, plus Microsoft OneDrive configuration to help you recover from a ransomware attack. This area also notifies users and provides recovery instructions if there's a ransomware attack.
IT administrators and IT pros can get more configuration information from these articles:
- Microsoft Defender Antivirus in Windows Security
- Microsoft Defender Antivirus documentation library
- Protect important folders with Controlled folder access
- Defend yourself from cybercrime with new Office 365 capabilities
- Microsoft Defender for Office 365
- Ransomware detection and recovering your files
You can hide the Virus & threat protection section or the Ransomware protection area from users of the machine. This option can be useful if you don't want employees in your organization to see or have access to user-configured options for these features.
Hide the Virus & threat protection section
You can choose to hide the entire section by using Group Policy. The section won't appear on the home page of Windows Security, and its icon won't be shown on the navigation bar on the side.
This section can be hidden only by using Group Policy.
Important
You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
- On your Group Policy management machine, open the Group Policy Management Console, right-click the Group Policy Object you want to configure and select Edit.
- In Group Policy Management Editor, go to Computer configuration and select Administrative templates.
- Expand the tree to Windows components > Windows Security > Virus and threat protection.
- Open the Hide the Virus and threat protection area setting and set it to Enabled. Select OK.
- Deploy the updated GPO as you normally do.
Note
If you hide all sections then Windows Security will show a restricted interface, as in the following screenshot:
Hide the Ransomware protection area
You can choose to hide the Ransomware protection area by using Group Policy. The area won't appear on the Virus & threat protection section of Windows Security.
This area can be hidden only by using Group Policy.
Important
You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
- On your Group Policy management machine, open the Group Policy Management Console, right-click the Group Policy Object you want to configure and select Edit.
- In Group Policy Management Editor, go to Computer configuration and select Administrative templates.
- Expand the tree to Windows components > Windows Security > Virus and threat protection.
- Open the Hide the Ransomware data recovery area setting and set it to Enabled. Select OK.
- Deploy the updated GPO as you normally do.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for