Closed johanssontobbe closed 3 years ago
The tamper protection detection is built as a warning. If Tamper protection is non-existent, it will be 0, and the script will continue on. If it is anything but 0, it will warn users about Tamper Protection and the user can choose to ignore the warning and continue installing. I could not think of a reliable way to ensure Tamper Protection was off without user interaction and would prefer users stay in charge of ensuring Tamper Protection is off.
Describe the bug and expected behavior The installation script (install.ps1) doesn't detect that Tamper Protection has been turned off on Windows 10 2004. The script checks if HKLM:\SOFTWARE\Microsoft\Windows Defender\Features\TamperProtection is set to 0.
On Windows 10 2004, TamperProtection starts out at 5 after installation. When Tamper Protection has been disabled, the value of TamperProtection is 4. I was unable to find a way to set TamperProtection to 0.
The latest fully supported version of Windows 10 for CommandoVM seems to be 1909.