| title | description | ms.service | ms.localizationpriority | author | ms.author | ms.custom | ms.date | ms.reviewer | manager | ms.subservice | ms.topic | ms.collection | search.appverid | |||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Hide the Microsoft Defender Antivirus interface |
You can hide virus and threat protection tile in the Windows Security app. |
defender-endpoint |
medium |
siosulli |
siosulli |
nextgen |
07/26/2023 |
pahuijbr |
deniseb |
ngp |
conceptual |
|
met150 |
[!INCLUDE Microsoft Defender XDR rebranding]
Applies to:
- Microsoft Defender for Endpoint Plan 1
- Microsoft Defender for Endpoint Plan 2
- Microsoft Defender Antivirus
Platforms
- Windows
You can use Group Policy to prevent users on endpoints from seeing the Microsoft Defender Antivirus interface. You can also prevent them from pausing scans.
In Windows 10, versions 1703, hiding the interface hides Microsoft Defender Antivirus notifications and prevent the Virus & threat protection tile from appearing in the Windows Security app.
With the setting set to Enabled:
:::image type="content" source="/defender/media/wdav-headless-mode-off-1703.png" alt-text="The Windows Security without the shield icon and virus and threat protection sections" lightbox="/defender/media/wdav-headless-mode-off-1703.png":::
With the setting set to Disabled or not configured:
:::image type="content" source="/defender/media/wdav-headless-mode-1703.png" alt-text="The Windows Security with shield icon and threat protection sections" lightbox="/defender/media/wdav-headless-mode-1703.png":::
Note
Hiding the interface will also prevent Microsoft Defender Antivirus notifications from appearing on the endpoint. Microsoft Defender for Endpoint notifications will still appear. You can also individually configure the notifications that appear on endpoints
In earlier versions of Windows 10, the setting hides the Windows Defender client interface. If the user attempts to open it, they'll receive a warning that says, "Your system administrator has restricted access to this app."
:::image type="content" source="/defender/media/wdav-headless-mode-1607.png" alt-text="The warning message when headless mode is enabled in Windows 10, versions earlier than 1703" lightbox="/defender/media/wdav-headless-mode-1607.png":::
-
On your Group Policy management machine, open the Group Policy Management Console, right-click the Group Policy Object you want to configure and select Edit.
-
Using the Group Policy Management Editor go to Computer configuration.
-
Select Administrative templates.
-
Expand the tree to Windows components > Microsoft Defender Antivirus > Client interface.
-
Double-click the Enable headless UI mode setting and set the option to Enabled. Select OK.
See Prevent users from locally modifying policy settings for more options on preventing users from modifying protection on their PCs.
You can prevent users from pausing scans, which can be helpful to ensure scheduled or on-demand scans aren't interrupted by users.
Note
This setting is not supported on Windows 10.
-
On your Group Policy management machine, open the Group Policy Management Console, right-click the Group Policy Object you want to configure and select Edit.
-
Using the Group Policy Management Editor go to Computer configuration.
-
Select Administrative templates.
-
Expand the tree to Windows components > Microsoft Defender Antivirus > Scan.
-
Double-click the Allow users to pause scan setting and set the option to Disabled. Select OK.
Indicates whether to disable UI Lockdown mode. If you specify a value of $True, Microsoft Defender Antivirus disables UI Lockdown mode. If you specify a value of $False or don't specify a value, UI Lockdown mode is enabled.
PS C:\>Set-MpPreference -UILockdown $true
- Configure the notifications that appear on endpoints
- Configure end-user interaction with Microsoft Defender Antivirus
- Microsoft Defender Antivirus in Windows 10
[!INCLUDE Microsoft Defender for Endpoint Tech Community]
Tip
If you're looking for Antivirus related information for other platforms, see:
- Set preferences for Microsoft Defender for Endpoint on macOS
- Microsoft Defender for Endpoint on Mac
- macOS Antivirus policy settings for Microsoft Defender Antivirus for Intune
- Set preferences for Microsoft Defender for Endpoint on Linux
- Microsoft Defender for Endpoint on Linux
- Configure Defender for Endpoint on Android features
- Configure Microsoft Defender for Endpoint on iOS features