ThreatSeverityDefaultAction

Applies To: Windows 8.1, Windows Server 2012 R2

ThreadSeverityDefaultAction configures the default action to be taken for a threat alert that Windows® Defender takes. Windows Defender is an application that can prevent, remove, and quarantine malware (malicious software) and spyware.

Child Elements

Low

Specifies the default action to take for threat alert identified as Low.

Moderate

Specifies the default action to take for threat alert identified as Moderate.

High

Specifies the default action to take for threat alert identified as High.

Severe

Specifies the default action to take for threat alert identified as Severe.

Valid Configuration Passes

oobeSystem

offlineServicing

specialize

Parent Hierarchy

Security-Malware-Windows-Defender | ThreatSeverityDefaultAction

Applies To

For Windows Server® 2012, Windows Server® 2008 R2 and Windows Server® 2008, Windows Defender is installed with the Desktop Experience Pack.

For a full list of the Windows editions and architectures that this component supports, see Security-Malware-Windows-Defender.

XML Example

The following XML output shows how to set the default action to be taken for a threat alert.

<ThreatSeverityDefaultAction>
            <Low>2</Low>
            <Moderate>2</Moderate>
            <High>2</High>
            <Severe>2</Severe>
</ThreatSeverityDefaultAction>

See Also

Concepts

Security-Malware-Windows-Defender