Specify threat alert levels at which default action should not be taken when detected

This policy setting allows you to customize which automatic remediation action will be taken for each threat alert level.Threat alert levels should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a threat alert level. The value contains the action ID for the remediation action that should be taken.Valid threat alert levels are:1 = Low2 = Medium4 = High5 = SevereValid remediation action values are:2 = Quarantine3 = Remove6 = Ignore

Policy path: 

Windows Components\Windows Defender\Threats

Scope: 

Machine

Supported on: 

At least Windows Server 2012 Windows 8 or Windows RT

Registry settings: 

HKLM\Software\Policies\Microsoft\Windows Defender\Threats!Threats_ThreatSeverityDefaultAction; HKLM\Software\Policies\Microsoft\Windows Defender\Threats\ThreatSeverityDefaultAction

Filename: 

WindowsDefender.admx

Related content