Applies to
How Windows 7 hardware upgrades affect licensing. SPP's purpose is to help Microsoft crack down on software privacy, and (they say) to help protect you by ensuring that your Microsoft product is authentic. Is taken from the book Microsoft Windows 7 In Depth. The book has information on various Windows 7 topics, including installing.
- Windows 10, version 1809 and above
Audience
- Enterprise security administrators
Manageability available with
- Group Policy
The Windows Security app is used by a number of Windows security features to provide notifications about the health and security of the machine. These include notifications about firewalls, antivirus products, Windows Defender SmartScreen, and others.
In some cases, it may not be appropriate to show these notifications, for example, if you want to hide regular status updates, or if you want to hide all notifications to the employees in your organization.
There are two levels to hiding notifications:
- Hide non-critical notifications, such as regular updates about the number of scans Windows Defender Antivirus ran in the past week
- Hide all notifications
If you set Hide all notifications to Enabled, changing the Hide non-critical notifications setting will have no effect.
You can only use Group Policy to change these settings.
Use Group Policy to hide non-critical notifications
You can hide notifications that describe regular events related to the health and security of the machine. These are notifications that do not require an action from the machine's user. It can be useful to hide these notifications if you find they are too numerous or you have other status reporting on a larger scale (such as Update Compliance or Microsoft Endpoint Configuration Manager reporting).
This can only be done in Group Policy.
Important
Requirements
You must have Windows 10, version 1903. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
Download the latest Administrative Templates (.admx) for Windows 10, v1809.
On your Group Policy management machine, open the Group Policy Management Console, right-click the Group Policy Object you want to configure and click Edit.
In the Group Policy Management Editor go to Computer configuration and click Administrative templates.
Expand the tree to Windows components > Windows Security > Notifications. For Windows 10 version 1803 and below the path would be Windows components > Windows Defender Security Center > Notifications
Open the Hide non-critical notifications setting and set it to Enabled. Click OK.
Deploy the updated GPO as you normally do. Waves ssl 4000 review.
Use Group Policy to hide all notifications
You can hide all notifications that are sourced from the Windows Security app. This may be useful if you don't want users of the machines from inadvertently modifying settings, running antivirus scans, or otherwise performing security-related actions without your input.
This can only be done in Group Policy.
Important
Requirements
You must have Windows 10, version 1903. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
On your Group Policy management machine, open the Group Policy Management Console, right-click the Group Policy Object you want to configure and click Edit.
In the Group Policy Management Editor go to Computer configuration and click Administrative templates.
Expand the tree to Windows components > Windows Security > Notifications. For Windows 10 version 1803 and below the path would be Windows components > Windows Defender Security Center > Notifications
Open the Hide all notifications setting and set it to Enabled. Click OK.
Use the following registry key and DWORD value to Hide all notifications.
[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows Defender Security CenterNotifications]'DisableNotifications'=dword:00000001
Use the following registry key and DWORD value to Hide not-critical notifications
[HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows Defender Security CenterNotifications]'DisableEnhancedNotifications'=dword:00000001
Deploy the updated GPO as you normally do.
Notifications
| Purpose | Notification text | Toast Identifier | Critical? |
|---|---|---|---|
| Network isolation | Your IT administrator has caused Windows Defender to disconnect your device. Contact IT help desk. | SENSE_ISOLATION | Yes |
| Network isolation customized | Company name has caused Windows Defender to disconnect your device. Contact IT help desk phone number, email address, url. | SENSE_ISOLATION_CUSTOM (body) | Yes |
| Restricted access | Your IT administrator has caused Windows Defender to limit actions on this device. Some apps may not function as expected. Contact IT help desk. | SENSE_PROCESS_RESTRICTION | Yes |
| Restricted access customized | Company has caused Windows Defender to limit actions on this device. Some apps may not function as expected. Contact IT help desk. | SENSE_PROCESS_RESTRICTION_CUSTOM (body) | Yes |
| HVCI, driver compat check fails (upon trying to enable) | There may be an incompatibility on your device. | HVCI_ENABLE_FAILURE | Yes |
| HVCI, reboot needed to enable | The recent change to your protection settings requires a restart of your device. | HVCI_ENABLE_SUCCESS | Yes |
| Item skipped in scan, due to exclusion setting, or network scanning disabled by admin | The Windows Defender Antivirus scan skipped an item due to exclusion or network scanning settings. | ITEM_SKIPPED | Yes |
| Remediation failure | Windows Defender Antivirus couldn’t completely resolve potential threats. | CLEAN_FAILED | Yes |
| Follow-up action (restart & scan) | Windows Defender Antivirus found threat in file name. Please restart and scan your device. Restart and scan | MANUALSTEPS_REQUIRED | Yes |
| Follow-up action (restart) | Windows Defender Antivirus found threat in file. Please restart your device. | WDAV_REBOOT | Yes |
| Follow-up action (Full scan) | Windows Defender Antivirus found threat in file. Please run a full scan of your device. | FULLSCAN_REQUIRED | Yes |
| Sample submission prompt | Review files that Windows Defender will send to Microsoft. Sending this information can improve how Windows Defender Antivirus helps protect your device. | SAMPLE_SUBMISSION_REQUIRED | Yes |
| OS support ending warning | Support for your version of Windows is ending. When this support ends, Windows Defender Antivirus won’t be supported, and your device might be at risk. | SUPPORT_ENDING | Yes |
| OS support ended, device at risk | Support for your version of Windows has ended. Windows Defender Antivirus is no longer supported, and your device might be at risk. | SUPPORT_ENDED and SUPPORT_ENDED_NO_DEFENDER | Yes |
| Summary notification, items found | Windows Defender Antivirus successfully took action on n threats since your last summary. Your device was scanned n times. | RECAP_FOUND_THREATS_SCANNED | No |
| Summary notification, items found, no scan count | Windows Defender Antivirus successfully took action on n threats since your last summary. | RECAP_FOUND_THREATS | No |
| Summary notification, no items found, scans performed | Windows Defender Antivirus did not find any threats since your last summary. Your device was scanned n times. | RECAP_NO THREATS_SCANNED | No |
| Summary notification, no items found, no scans | Windows Defender Antivirus did not find any threats since your last summary. | RECAP_NO_THREATS | No |
| Scan finished, manual, threats found | Windows Defender Antivirus scanned your device at timestamp on date, and took action against threats. | RECENT_SCAN_FOUND_THREATS | No |
| Scan finished, manual, no threats found | Windows Defender Antivirus scanned your device at timestamp on date. No threats were found. | RECENT_SCAN_NO_THREATS | No |
| Threat found | Windows Defender Antivirus found threats. Get details. | CRITICAL | No |
| LPS on notification | Windows Defender Antivirus is periodically scanning your device. You’re also using another antivirus program for active protection. | PERIODIC_SCANNING_ON | No |
| Long running BaFS | Your IT administrator requires a security scan of this item. The scan could take up to n seconds. | BAFS | No |
| Long running BaFS customized | Company requires a security scan of this item. The scan could take up to n seconds. | BAFS_DETECTED_CUSTOM (body) | No |
| Sense detection | This application was removed because it was blocked by your IT security settings | WDAV_SENSE_DETECTED | No |
| Sense detection customized | This application was removed because it was blocked by your IT security settings | WDAV_SENSE_DETECTED_CUSTOM (body) | No |
| Ransomware specific detection | Windows Defender Antivirus has detected threats which may include ransomware. | WDAV_RANSOMWARE_DETECTED | No |
| ASR (HIPS) block | Your IT administrator caused Windows Defender Security Center to block this action. Contact your IT help desk. | HIPS_ASR_BLOCKED | No |
| ASR (HIPS) block customized | Company caused Windows Defender Security Center to block this action. Contact your IT help desk. | HIPS_ASR_BLOCKED_CUSTOM (body) | No |
| CFA (FolderGuard) block | Controlled folder access blocked process from making changes to the folder path | FOLDERGUARD_BLOCKED | No |
| Network protect (HIPS) network block customized | Company caused Windows Defender Security Center to block this network connection. Contact your IT help desk. | HIPS_NETWORK_BLOCKED_CUSTOM (body) | No |
| Network protection (HIPS) network block | Your IT administrator caused Windows Defender Security Center to block this network connection. Contact your IT help desk. | HIPS_NETWORK_BLOCKED | No |
| PUA detection, not blocked | Your settings cause the detection of any app that might perform unwanted actions on your computer. | PUA_DETECTED | No |
| PUA notification | Your IT settings caused Windows Defender Antivirus to block an app that may potentially perform unwanted actions on your device. | PUA_BLOCKED | No |
| PUA notification, customized | Company caused Windows Defender Antivirus to block an app that may potentially perform unwanted actions on your device. | PUA_BLOCKED_CUSTOM (body) | No |
| Network isolation ended | No | ||
| Network isolation ended, customized | No | ||
| Restricted access ended | No | ||
| Restricted access ended, customized | No | ||
| Dynamic lock on, but bluetooth off | No | ||
| Dynamic lock on, bluetooth on, but device unpaired | No | ||
| Dynamic lock on, bluetooth on, but unable to detect device | No | ||
| NoPa or federated no hello | No | ||
| NoPa or federated hello broken | No |
Recent versions of Windows 10 come with an app called Windows Security. The application, formerly known as 'Windows Defender Security Center', has been renamed to Windows Security. It is intended to help the user control his security and privacy settings in a clear and useful way. The app has a tray icon, which is visible out of the box. If you are not happy to see it, here is number of ways to hide it.
RECOMMENDED: Click here to fix Windows errors and optimize system performance
You can launch Windows Security from the Start menu or with a special shortcut. Alternatively, you can access it using its tray icon. As of this writing, it looks as follows:
There is a helper tool which draws the icon. It is located here:
Update: Starting in Windows 10 version 1809, the helper tool has got renamed. Now it is
This file runs at startup when you sign in to your Windows 10 account and so the icon appears in the tray. To get rid of the icon, you can remove the helper tool from startup. This operation has no side effect and will disable the tray icon completely.
To remove MSASCuiL.exe/SecurityHealthSystray.exe from startup, we will use the methods described in the article How to add or remove startup apps in Windows 10.
To disable Windows Security tray icon, do the following.
- Open Task Manager.
- Switch to the tab named Startup.
Tip: You can open the Startup tab of Task Manager directly in Windows 10 by running the following command:See how to create a shortcut to manage Startup apps in Windows 10.
- Find the line named 'Windows Defender notification icon' as shown below:
- Right click it and select 'Disable' in the context menu: Tip: in the screenshot above, you can see an additional 'Command line' column which is not visible by default. To enable it, see the article Get more details about Startup in Windows Task Manager.
Group Policy Option
Starting in Windows 10 version 1809 (Redstone 5), there is a special Group Policy option which allows hiding the tray icon of Windows Security. If you are running Windows 10 Pro, Enterprise, or Education edition, you can use the Local Group Policy Editor app to configure the option with a GUI, as follows.
- Press Win + R keys together on your keyboard and type:
Press Enter.
- Group Policy Editor will open. Go to Computer Configuration -> Administrative Templates _> Windows Components -> Windows Security -> Systray. Enable the policy option Hide Windows Security Systray as shown below.
- Reboot your computer.
If you are running Windows 10 Home or other edition of the OS which doesn't include Local Group Policy Editor, you can apply a Registry tweak.
Registry Tweak
- Open Registry Editor.
- Go to the following Registry key:
Tip: See how to jump to the desired Registry key with one click.
If you do not have such a key, then just create it.
- Here, create a new 32-bit DWORD value HideSystray. Note: Even if you are running 64-bit Windows, you still need to use a 32-bit DWORD as the value type.
Set it to 1 to disable the tray icon. - To make the changes done by the Registry tweak take effect, you need to restart Windows 10.
Later, you can delete the HideSystray value to make the icon visible.
That's it!
Related articles:
Thanks to deskmodder.de for the tweak option.
RECOMMENDED: Click here to fix Windows errors and optimize system performance