In this post, we will help you solve the issue where Windows Security displays a message Cloud-delivered protection is off, Your device may be vulnerable. As the problem indicates, it is associated with the Microsoft cloud protection feature of Windows Security. This feature, when enabled or turned on, allows Microsoft Defender Antivirus to receive improvements from Microsoft regarding thread detections and the latest threat definitions. By default, this setting remains turned on. But, if cloud-delivered protection is turned off, then a warning sign (black exclamation mark enclosed in a yellow triangle) and a message is displayed.
In another scenario, some users also find that they are unable to turn on Cloud-delivered protection on their Windows 11/10 system. This can happen when Cloud-delivered protection is greyed out or for some reason. We have created a list of all such solutions in this post below.
Cloud-delivered protection is off, Your device may be vulnerable
In order to get rid of Cloud-delivered protection is off, Your device may be vulnerable error on your Windows 11/10 PC, you can use the following solutions:
- Use the Dismiss option
- Change Windows Security settings
- Turn on Cloud-delivered protection using Windows PowerShell
- Enable Cloud-delivered protection using Group Policy Editor
- Use Windows Registry to enable Cloud-delivered protection
- Other suggestions to fix this issue.
Unable to turn on Cloud-Delivered Protection in Windows Security
1] Use the Dismiss option
This is a simple way to solve this problem. You can just ignore or dismiss the error message. You don’t have to turn on the Cloud-delivered protection feature for this. Here are the steps:
- Open the Windows Security
- Access the Virus & threat protection section
- Use the Manage settings (under Virus & threat protection settings) option
- Click on the Dismiss option available for Cloud-delivered protection is off. Your device may be vulnerable.
- In the UAC prompt, hit the Yes button.
Now that message will be gone and it shouldn’t come back.
2] Change Windows Security settings
Some users find that the Cloud-delivered protection feature is turned on, yet they see the warning message that says- Cloud-delivered protection is off. Your device may be vulnerable. This can happen when the options in Windows Security are not set as needed. You should make sure that Real-time protection is turned on and Automatic sample submission is turned off in Windows Security. Here are the steps:
- Open Windows Security from the Start menu, Search box, or any other way you want
- Click on the Virus & threat protection option present in the left section
- Click on the Manage settings option available for Virus & threat protection settings section
- Use toggle for Real-time protection to turn it on. When the UAC prompt appears, press the Yes button in that prompt
- Turn on the Cloud-delivered protection button (if turned off)
- The UAC prompt will open. Press the Yes button
- Turn off the Automatic sample submission button. If you see a UAC prompt, click on the Yes button.
Furthermore, if the warning still appears, click on the Dismiss option (as explained in option 1) and it should be gone.
3] Turn on Cloud-delivered protection using Windows PowerShell
If you are not able to turn on the cloud protection feature using Windows Security for some reason, then you can use Windows PowerShell. For this, follow these steps:
- Open an elevated PowerShell window. You can type powershell in the Search box of Windows 11/10, right-click on the Windows PowerShell option visible in the search results, and use the Run as administrator option
- Type and execute the following command:
PowerShell Set-MpPreference -MAPSReporting 2
If this command doesn’t work, you can use another command:
PowerShell Set-MpPreference -MAPSReporting Advanced
Once the command is completed, access the Cloud-delivered protection section in Windows Security. You will find that the feature is turned on and the error message has vanished.
If that doesn’t help and you have to make sure that the command you used doesn’t interfere with other solutions/fixes, you can use the Windows PowerShell command to turn off the Cloud-delivered protection. The command is:
PowerShell Set-MpPreference -MAPSReporting 0
4] Enable Cloud-delivered protection using Group Policy Editor
This option is helpful when the Cloud-delivered protection option is greyed out (as visible in the screenshot below), because of which you are unable to turn on Cloud-delivered protection. A message is displayed there This setting is managed by your administrator. It happens because a related setting in Group Policy Editor is configured for that. So, you need to change that setting to fix this issue.
Before using this option, do note that the Group Policy Editor feature is present in Pro and Enterprise editions of Windows 11/10 and not the Home edition. You have to add Group Policy Editor to the Home edition (if you use one) manually to use this option. When it is done, follow these steps:
- Open the Group Policy Editor
- Access the MAPS folder
- Access the Join Microsoft MAPS setting
- Use the Not Configured option for that setting
- Press the OK button.
The detailed information for these steps is mentioned below.
First, open the Group Policy Editor on your Windows 11/10 system. Open the Run Command (Win+R), type gpedit.msc in the text field, and use the OK button to open it.
Look for the MAPS folder. Here is the path to that folder:
Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus > MAPS
From the right-hand section of that folder, double-click on Join Microsoft MAPS setting to access it. The setting window is opened separately.
Now use the Not Configured radio button present on the top-left section and press the OK button.
This will remove the restriction added to the Cloud-delivered protection feature. Now you can open Windows Security and turn on this feature.
In case you ever need to disable Cloud-delivered protection later for some reason, it can be done by following the above steps. The only change you need to do is select the Enabled radio button for the Join Microsoft MAPS setting and select the Disabled option from the drop-down menu available for the Join Microsoft MAPS option. It is available in the left-middle section.
Use the OK button to save the setting.
5] Use Windows Registry to enable Cloud-delivered protection
Windows Registry or Registry Editor is available in all the editions of Windows 11/10. If you are unable to turn on the Cloud-delivered protection feature because the Cloud-delivered protection section is greyed out, a Registry tweak can help you solve the problem. This option is also helpful for those unable to use the Group Policy Editor. Windows Registry includes equivalent values for Group Policy settings and both the features can be used independently.
Before applying the Registry tweak, you should take a backup of the Windows Registry, and then you can proceed further. Here are the steps to enable Cloud-delivered protection using Windows Registry:
- Open Windows Registry
- Access the Windows Defender Registry key
- Create a Spynet key
- Close the Windows Registry.
In the first step, open Windows Registry on your Windows 11/10 system. You can use the Search box and type regedit to open it.
After this, access the Windows Defender key. The path to that Registry key is:
Right-click on the Windows Defender key, select New, and use the Key option. After that, rename that key to Spynet.
This should do the work. Open Windows Security and access the Virus & threat protection settings. You will find that you are now able to turn on the Cloud-delivered protection feature. Neither that toggle will remain grayed out nor you will see any Cloud-delivered protection is turned off message.
You can also repeat the above steps and create a DWORD (32-bit) value under the SpynetReporting Registry key to disable the Cloud-delivered protection feature, in case you need to do that.
6] Other suggestions to fix this issue
This problem might also be associated with Automatic Sample Submission and Real-time protection features of Microsoft Defender Antivirus. Since Cloud-delivered protection is also a part of Microsoft Defender Antivirus, you may face issues like this for cloud protection if other related features aren’t working as expected. It turns out that some users see the same error message- This setting is managed by your administrator for Microsoft Defender Antivirus when all of its features (including Cloud-delivered protection) or a particular feature is disabled or greyed out. In that case, you should use the following fixes:
- Perform Microsoft Defender Antivirus (offline scan). If this issue is caused by some malicious tool, then the offline scan can help you identify the threat with updated definitions and remove it. Under the Scan options section of Virus & threat protection of Windows Security, select the Microsoft Defender Antivirus (offline scan) option, and press the Scan now button
- Uninstall and third-party antivirus tool you’re using: A third-party security tool can interfere with Microsoft Defender Antivirus and can make unexpected changes to the Windows Registry and/or Group Policy. So, you should uninstall such a security tool and use these solutions to fix the problem
- Delete the DisableAntiSpyware and DisableAntiVirus Registry keys: Check if these two entries are there under Windows Registry. If these entries are there, it can result in disabling Windows Defender Antivirus, Spyware and unwanted software protection, etc. To find and delete such Registry entries, follow this path:
If you see DisableAntiSpyware and/or DisableAntivirus folders or Registry keys, right-click on them, and use the Delete option. After that, restart your system.
That’s all! Hope these fixes will help.
Also read: Windows Security says No Security Providers
How to enable or disable Cloud-delivered Protection on Windows?
You can enable or disable Cloud-delivered protection on Windows OS using PowerShell, Windows Registry, and Group Policy Editor. All three options are covered in detail in this post. Among these three options, Windows Registry and Group Policy Editor features are more powerful as the Cloud-delivered protection feature is disabled completely using them. The changes can also be undone anytime.
Should Cloud-delivered protection be on or off?
Cloud-delivered protection is an important part or feature of the Microsoft Defender Antivirus for enhanced protection (including threat detection and new threat definitions). There are many security features and capabilities that work in Microsoft Defender Antivirus only when this feature is enabled. Therefore, they recommend keeping Cloud-delivered protection turned on.
How do you turn on Cloud-delivered protection? The setting is managed by your administrator?
You may see This setting is managed by your administrator error for Cloud-delivered protection when a Group Policy Setting or Registry setting is set for it. That prevents you from turning on the cloud protection as the associated option is greyed out. So, to turn on Cloud-delivered protection on Windows 11/10 OS, you can set Join Microsoft MAPS setting to Not Configured in Group Policy Editor or create a Spynet key in Registry Editor. The step-by-step instructions for both of these solutions are explained in this post. Check them out.