Advertisement

Enable Windows Security Block Suspicious Behaviors in Windows 10

Starting with Windows 10 Build 17704, you can enable a new option in Windows Security. The option "Block suspicious behaviors" is designed to prevent behavior by an app or file that might infect your device. Here is how it can be done.

Advertisеment

Recent versions of Windows 10 come with an app called Windows Security. The application, formerly known as "Windows Defender Security Center", has been renamed to Windows Security. It is intended to help the user control his security and privacy settings in a clear and useful way.

Windows Security Windows 10

You can launch Windows Security from the Start menu or with a special shortcut. Alternatively, you can access it using its tray icon.

Windows Defender Security Center Icon

You can enable a new protection setting, Block suspicious behaviors, which brings Windows Defender Exploit Guard attack surface reduction technology to all users.  Here is how it can be done. Before proceeding, ensure that your user account has administrative privileges. Now, follow the instructions below.

To enable Windows Defender Block Suspicious Behaviors in Windows 10, do the following.

  1. Open Windows Security.
  2. Click on the Virus & threat protection icon.Windows Security Virus And Threat Protection Icon
  3. Click on the Manage settings link under Virus & threat protection settings.Windows Security Virus And Threat Manage Settings
  4. Enable the option Block suspicious behaviors.Windows Security Virus And Threat Block Suspicious
  5. Confirm the UAC prompt.

The feature is now enabled. You can disable it at any moment if you change your mind later.

Alternatively, you can apply a Registry tweak.

Enable Windows Defender Block Suspicious Behaviors with a Registry tweak

The option is stored in the Registry under the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR. The DWORD value EnableASRConsumers should be set 1 to enable the feature. However, the key is write protected, so you need to use some tool to bypass this limitation and modify the value without using the Windows Security app.

  1. Download the ExecTI freeware and start regedit.exe using it. This will open the Registry Editor app with the highest privilege level.ExecTI Run As TrustedInstaller
  2. Go to the following location in Regedit.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender\Windows Defender Exploit Guard\ASR

    Tip: See how to go to a Registry key with one click.

  3. Here, modify or create a new 32-bit value EnableASRConsumers and set it to 1.Enable Windows Security Block Suspicious Behaviors In Windows 10
  4. By setting the value to 0 you will disable the feature.

That's it.

Support us

Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:

If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!

Advertisеment

Author: Sergey Tkachenko

Sergey Tkachenko is a software developer who started Winaero back in 2011. On this blog, Sergey is writing about everything connected to Microsoft, Windows and popular software. Follow him on Telegram, Twitter, and YouTube.

3 thoughts on “Enable Windows Security Block Suspicious Behaviors in Windows 10”

Leave a Reply

Your email address will not be published.

css.php
Using Telegram? Subscribe to the blog channel!
Hello. Add your message here.