Configure Microsoft Active Protection Service Reporting This policy setting allows you to configure membership in Microsoft Active Protection Service. Microsoft Active Protection Service is the online community that helps you choose how to respond to potential threats. The community also helps stop the spread of new malicious software infections. You can choose to send basic or additional information about detected software. Additional information helps Microsoft create new definitions and help it to protect your computer. This information can include things like the location of detected items on your computer if harmful software was removed. The information will be automatically collected and sent. If you enable this policy setting, you can select how Windows Defender reports potential malware threats using the following options: No Membership No information will be sent to Microsoft. You won't be alerted if unclassified software is detected running on your computer. Basic Membership Send basic information to Microsoft about software that Windows Defender detects, including where the software came from, the actions that you apply or that Windows Defender applies automatically, and whether the actions were successful. In some instances, personal information might unintentionally be sent to Microsoft. However, Microsoft will not use this information to identify you or to contact you. Advanced Membership In addition to basic information, Windows Defender sends more information to Microsoft about malicious software, spyware, and potentially unwanted software, including the location of the software, file names, how the software operates, and how it has impacted your computer. In some instances, personal information might unintentionally be sent to Microsoft. However, Microsoft will not use this information to identify you or to contact you. If you disable or do not configure this policy setting, by default Microsoft Active Protection Service membership is disabled. At this setting, no information is sent to Microsoft. You are not alerted if Windows Defender detects unclassified software running on your computer. Local users can still change their Microsoft Active Protection Service membership. [disabled/basic/advanced] (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Defender\MAPS!Join Microsoft MAPS (2) REG: MACHINE\Software\Policies\Microsoft\Windows Defender\SpyNet!SpyNetReporting oval:org.secpod.oval:def:22664 SCAP Repo OVAL Definition 2015-01-07