[FEATURE] Silence Windows Defender sample submission prompt#221
[FEATURE] Silence Windows Defender sample submission prompt#221HarryVasanth wants to merge 2 commits into
Conversation
| - !registryValue: {path: 'HKLM\Software\Policies\Microsoft\Windows Defender\Signature Updates', value: 'DisableScheduledSignatureUpdateOnBattery', type: REG_DWORD, data: '1'} | ||
|
|
||
| # Revert Windows Defender Antivirus - Spynet/Sample Submission policy | ||
| - !registryKey: {path: 'HKLM\Software\Policies\Microsoft\Windows Defender\Spynet', operation: delete} |
There was a problem hiding this comment.
I added it to roll back the policy change if the user chooses to revert the playbook default state.
If the "Why?" is referring to why I deleted the whole key(!registryKey) instead of just the specific value, I did this to follow the pattern of other policy reverts in the file (like the Signature Updates key right above it).
However, if you'd prefer a more targeted and safer approach that only removes the specific value we added (so we don't accidentally wipe out other Spynet policies the user might have set), we can easily change it to:
# Revert Windows Defender Antivirus - Spynet/Sample Submission policy
- !registryValue: {path: 'HKLM\Software\Policies\Microsoft\Windows Defender\Spynet', value: 'SubmitSamplesConsent', operation: delete}
Let me know if you'd like me to push this change or if you had a different idea in mind!
Please feel free to push any changes as you see fit 😊
There was a problem hiding this comment.
revert.yml is basically a list of bad tweaks that get removed when coming from an old ReviOS version.
Just remove the lines.
There was a problem hiding this comment.
Ah, I get it now! Sorry I misunderstood and thought it was for rolling back the current playbook's changes if a user decided to uninstall.
2 participants
Description
Issue:
Users who prefer to keep Windows Defender enabled for security are subjected to a constant nag notification asking to submit files to Microsoft. Defender ignores standard Windows notification settings for this prompt, leaving users with no native UI option to silence it without turning off Defender completely.
Fix:
Added a registry tweak to configure the
SubmitSamplesConsentSpynet policy. By setting this registry value to2("Never send"), it effectively suppresses the sample submission prompt while allowing Windows Defender's core security features to remain active.Changes Made
playbook/src/Configuration/Tasks/registry/security/security.ymlto include theSubmitSamplesConsentregistry value under the Defender reporting section.Impact & Testing
Resolves: #200