Specify the 'Define the maximum size of downloaded files and attachments to be scanned' (IOAVMaxSize Min:0 Max:10000000 kb) This policy setting defines the maximum size (in kilobytes) of downloaded files and attachments that will be scanned. If you enable this setting, downloaded files and attachments smaller than the size specified will be scanned. If you disable or do not configure this setting, a default size will be applied. Counter Measure: Configure this setting depending on your organization's requirements. Potential Impact: Scanning larger files can impact performance.

(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Defender\Real-time Protection\Define the maximum size of downloaded files and attachments to be scanned (2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Real-Time Protection\IOAVMaxSize