
Should I use Windows Defender?

In a recent article in a major tech magazine, the author mentioned the benefits of using 3rd party antivirus or antimalware applications, even free versions, over Microsoft Defender, claiming they were all better.

What bothered me was that the article did not have the data to defend this statement, and the author claimed to be a member of the Anti-Malware Testing Standards Organization (AMTSO), which itself does not advise against using Microsoft Defender.

AMTSO focuses on what the author should have: transparency, fairness, and accuracy in testing anti-malware solutions. Perhaps even more bothersome was that he failed to mention the precautions a user should be taking instead of relying on a magic AV solution app. There is no such thing.

I never had a client infected because they were using Microsoft Defender. Clients that had infected computers had an assortment of AV products they used, even the free versions. The reason for every infection was the user’s fault. They were infected by complying with a scam website and calling for assistance, downloading infected software, or clicking an email that contained a virus. None of their AV apps were breached even when the app was smart enough to warn them before clicking. Many clicked “yes” anyway.

The Facts

It is very rare for a homeowner to be infected because of the AV app they are using, though it can happen. According to Malware Protection Test September 2023 – AV-Comparatives, 10% of paid AV programs were infected in 2023 and 9% of free antivirus users were affected by malware in 2023. Some AV products are better in online environments, while some excel offline.

Avast had the highest detection rate with a 95.3 offline detection rate, 99.5 online detection rate, and 99.97 protection rate. It only showed one false positive during the testing, while Norton, with much lower scores, had 12 false positives. Microsoft Defender had an unimpressive offline detection rate of 77%, but its online detection rate matched Avast and the online protection rate was 99.95%. It only had 5 false positives.

Some AV programs are marginally better than others, but because malware is overwhelmingly introduced by user fault, I advocate user awareness and the use of best practices to stay safe.

Should You Consider Microsoft Defender?

I am completely confident in my use of MS Defender. I have never had a breach, and MS continues to improve Defender with every release. I would not discourage the use of highly rated AV software, but I would not personally pay for the difference. The ads and constant upgrade messages of free software take them out of consideration for me. Things to consider:

Microsoft Advanced Threat Protection (ATP)

Defender offers a host of integrated programs to help keep you safe but like any other AV program, you must follow known safety precautions:

  1. Defender Antivirus
  2. Defender SmartScreen
  3. Windows Firewall
  4. Secure Wi-Fi
  5. Bluetooth protection
  6. VPN in Edge. Edge has a built-in VPN feature called Edge Secure Network, which encrypts your internet connection and hides your IP address. If you have not used it, enable it by:
    1. Open Edge browser
    2. Go to Settings > Privacy, Search, and Services
    3. Scroll down to Security and toggle on Microsoft Edge Secure Network. If you do not see this feature, it is an ongoing rollout and might be in your next upgrade.

Sandbox

Windows Sandbox is not part of Defender, but it is an excellent way to prevent any infection to your PC. Any website visited while in Sandbox is isolated from your operating system. Use it to…

  1. Open suspicious email attachments in Sandbox first
  2. Open a browser within the Sandbox and visit websites you suspect might be dangerous
  3. Test new software by copying and pasting it into Sandbox and then opening it. If there is no malicious activity you can open it on your regular OS
  4. Always close the Sandbox when you are finished. Once you open it again all traces of any previous actions will be gone
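An added example, not from the original article: a PowerShell script that stages one suspicious file and opens it in a Windows Sandbox started with networking and clipboard sharing turned off and the file mapped read-only, which covers items 1 and 3 above without copy and paste (item 2, browsing, needs the default networked Sandbox). The sample file name and the in-sandbox folder name are assumptions; the `.wsb` elements are the ones Windows Sandbox documents for its configuration files.

```powershell
# Added example: open one suspicious file in a locked-down Windows Sandbox.
# The default file name is a hypothetical sample; pass your own with -SuspectFile.
param(
    [string]$SuspectFile = "$env:USERPROFILE\Downloads\invoice.pdf"
)

$sandboxExe = Join-Path $env:SystemRoot 'System32\WindowsSandbox.exe'
if (-not (Test-Path $sandboxExe)) {
    throw "Windows Sandbox is not installed. Enable it under 'Turn Windows features on or off'."
}
if (-not (Test-Path -LiteralPath $SuspectFile -PathType Leaf)) {
    throw "File not found: $SuspectFile"
}

# New, empty staging folder so the sandbox sees only the file under test.
$stageDir = Join-Path $env:TEMP ("sandbox-stage-" + [guid]::NewGuid())
New-Item -ItemType Directory -Path $stageDir | Out-Null
Copy-Item -LiteralPath $SuspectFile -Destination $stageDir

# Record the hash on the host so the file can be looked up or reported later.
$hash = (Get-FileHash -LiteralPath $SuspectFile -Algorithm SHA256).Hash
Write-Host "SHA256 $hash  $SuspectFile"

# XML-escape the host path, then write the sandbox configuration:
# no network, no clipboard or printer sharing, read-only view of the staging folder.
$hostFolder = [System.Security.SecurityElement]::Escape($stageDir)
$wsb = @"
<Configuration>
  <Networking>Disable</Networking>
  <ClipboardRedirection>Disable</ClipboardRedirection>
  <PrinterRedirection>Disable</PrinterRedirection>
  <VGpu>Disable</VGpu>
  <MappedFolders>
    <MappedFolder>
      <HostFolder>$hostFolder</HostFolder>
      <SandboxFolder>C:\Users\WDAGUtilityAccount\Desktop\Suspect</SandboxFolder>
      <ReadOnly>true</ReadOnly>
    </MappedFolder>
  </MappedFolders>
</Configuration>
"@
$wsbPath = Join-Path $stageDir 'inspect-suspect.wsb'
Set-Content -LiteralPath $wsbPath -Value $wsb -Encoding UTF8

Start-Process -FilePath $sandboxExe -ArgumentList "`"$wsbPath`""
```

Windows Sandbox is not offered on Windows Home editions, so the first check fails there. Delete the staging folder under `%TEMP%` once the Sandbox window is closed.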

Summary

Informed users are more effective than any security program. Dave’s Computer Tips has a large library of articles on how to stay safe. Here are just a few:

AV programs cannot prevent you from bypassing a warning and clicking on an infected file or stop you once you communicate with a scammer and allow them into your system. Be cautious of any “10 Best AV Software Programs” article. Often a site or author will profit from you choosing one of their choices. Finally, if paying out of pocket is something you don’t want to do, I do not think you will regret learning and using Windows Defender.

11 thoughts on “Should I use Windows Defender?”

  1. I use the Defender, which is included in the price.
    El Barsko

    1. Very good. As long as you use safe practices, you should be fine. Remember, if you ever suspect you are infected, download the Microsoft Malicious Antimalware tool and use it to scan your PC. Each new download has all the known characteristics of malware. Thanks for your comment.

  2. After trying out Windows Defender recently on a new computer, I totally agree with your article. The only reason people might use a 3rd party program is for the extra bells and whistles plus the fact they are used to having and using them, Mindblower!

    1. Mindblower, I realized I answered to you by email instead of posting a reply. As I said you are correct on all counts.

  3. Robert L Taylor

    Great article Jim,

    Is Defender SmartScreen the same as Microsoft Defender Browser Protection, which I have been using along with Defender Antivirus for several years now? They seem very similar, with the red popup alerting you of a compromised site.

    Thanks Again.

    1. Good question, Robert. Actually, they are related but different. Windows Defender Browser Protection is a browser extension for Google Chrome; however, the extension has been discontinued and users are encouraged to use SmartScreen.
      SmartScreen provides broader security and is integrated into both Windows and Microsoft Edge. It helps protect against both phishing and malware-infected websites. It uses a reputation-based system to check URLs and files and will warn users if anything is suspicious. If you ever receive a warning, I would not bypass the warning but would open the same site in Sandbox and then open the site or file. It also checks all downloaded files.

  4. I have been using an antivirus called VIPER for the last 10 years or more with no infections (I also follow your other tips). The thing is, I have never seen it mentioned in any virus comparison. Do you know anything about it?

    1. (with apologies to Jim Canfield for jumping in)

      Hey Dick, I think you are referring to “Vipre” AV, not “Viper”.

      The last time Vipre was submitted to AV-Test (for lab testing) was back in 2022 at which time it scored quite well. In my opinion, Vipre is no better than Defender which, of course, is free and already built-in to the OS.

      That said, if Vipre has been doing a good job for you for a decade or so, and you are happy with it, by all means stick with it.

      Cheers… Jim H

  5. Peter Thompson

    I totally agree that most infections are the user’s fault.

    I’ve used a few AVs in the past and been part of their community, e.g. forums. I’ve seen people complain that they turned their AV off after being advised to by a crack and then complained to the AV for getting infected, or being a few versions behind and wondering why something got through. Versions usually have the same signature definitions but often newer ones will have big fixes and new protection features.

    I’ve seen a few people also presuming an AV can fix a ransomware incident if installed after the infection, and users using RDP who didn’t have a good password policy, e.g. a secure non-leaked password and a policy to prevent brute force. These users hadn’t password protected their AV, so the hacker simply brute forced their password or got it from a leak, remoted on and then turned off the AV and encrypted everything.

    I’ve been using Eset for quite a few years now and I’m happy with that, but I also avoid risky websites and try to keep everything up to date.

    I think it comes down to personal preference and also the user being more clued up. I remember my dad tried a few AVs back in the day and if he got infected would blame the AV rather than having a look at how he got infected in the first place.

  6. I used Eset for about three years. Most of my customers who have AV protection usually purchase multiple licenses. I always have them send me a link to the license to install on my test machine. I try them out and get a feel for what they offer. I am always wary of too many bells and whistles on an AV. It should do the job and leave users alone, but too many users believe that the report screen provided proves they are protected. One of the most common methods (1 in every 4200) in households in 2020 allowed an individual to install an RDP and become infected.
    Just FYI, ESET has achieved a 98.9 success rate in 2022. It scored 96.8 for offline detections in Malware Protection tests. I always used it for its extremely low impact on the OS. It is an excellent tool for AV protection on Android devices with a nearly perfect rating.
