rafalfitt
commented
6 months ago @0x6d69636b you are right, it is even more br0ken
Friendly Name Monitor file and program activity on your computer Location Computer Configuration Path Windows Components > Microsoft Defender Antivirus > Real-time Protection Registry Key Name Software\Policies\Microsoft\Windows Defender\Real-Time Protection Registry Value Name DisableOnAccessProtection
Hm, are you sure about this change? According to the CSP Defender policy, the value 0 means "Scan incoming and outgoing files (default)", which is the same as in the PolicyRule file of the Windows 11, version 23H2 security baseline