The truth about Windows Defender on Windows 10 (Home & Pro).

[Andy Ful]

People started to complain about Microsoft security way before there was ever an antivirus product for consumers to purchase.

3rd parties provide better protection than Microsoft. That's all that matters.

And yes, Microsoft does things unilaterally and uses its position to make things much more difficult and problematic for 3rd party publishers... way more difficult than they need to be. That stifles competition and\or causes inordinately difficult problems.

Microsoft would like nothing more than to make the entire world a 100 % Microsoft product-only world. If you don't believe that is true, then I don't know what to tell you. Because that is exactly what it is trying to do. And it will do whatever it can to accomplish that.

Anyway you cut it, Microsoft is a monopoly. It has a grip (some would say stranglehold) on most things IT like no other.

I really think about opening the general thread about Microsoft. This will be probably a very hot thread. I share your thoughts in a great deal (and probably most MT members), but the Microsoft sins (there are many more) have a little to do with more practical aspects of Defender security. People should choose or not choose WD, because of its practical aspects, but not because Microsoft is guilty (we now it is).

Let's forget temporarily about Microsoft politics and try to focus on the practice. I know that it will be hard. It was hard for me too, because my software was ridiculously banned by M$.

 

[509322]

I really think about opening the general thread about Microsoft. This will be probably a very hot thread. I share your thoughts in a great deal (and probably most MT members), but the Microsoft sins (there are many more) have a little to do with more practical aspects of Defender security. People should choose or not choose WD, because of its practical aspects, but not because Microsoft is guilty (we now it is).

My post was a reply to the claim that 3rd party publishers just whine and complain that Microsoft is doing everything it can to put them out of business. It's not some kind of fallacy or conspiracy theory that 3rd party publishers just came up with. Courts have repeatedly censured Microsoft for abusing its position and acting as a monopoly.

As far as Windows Defender and Windows security, it just isn't a very good solution - its usability is terrible, there is virtually no documentation, there is no support unless the consumer pays Microsoft $100, it is prone to high infection rates because it will fail easily in the hands of those who are not security conscious. Pro pen-testers have proven that time and again. So people are most definitely better off with any of the better 3rd party security products.

The only ones who can really benefit from Windows Defender and Windows security are geeks that tweak - and that is essentially turning Windows security into a wholly default-deny protection model. Even then there's a bunch of problems that I have seen in my tests.

I remember years ago people saying "Look, Windows security is getting so awesome... now we have Microsoft Security Essentials." It's no different today. Everyone wants to tout way-overcomplicated "improvements."

Even more telling is the fact that Windows Defender ATP is not doing very well in the marketplace. There just hasn't been a whole lot of interest in the product for the same reasons... IT Pros don't wanna deal with a product that has little to no documentation, that is expensive, is a pain to use, etc.

I just find it curious that people will defend Microsoft when the security it puts onto Home versions is a half-baked version of protection clearly meant for IT Pro E5 level. Windows Home security is a mere afterthought. So Microsoft isn't doing any favors for any home user - because the very people who need the full featured security the most don't get it. And even if they did get it, they couldn't use it because Microsoft doesn't focus on usability nor documentation. What a mess. And it's all Microsoft's doing.

 

[amico81]

one question for the WD-experts -> If I use the win defender with firefox and NOT with the Microsoft Edge,
i dont have a built-in-anti-phishing-protection, right?

so i need the microsoft browser with smartscreen to get the full protection class?

 

[Moonhorse]

one question for the WD-experts -> If I use the win defender with firefox and NOT with the Microsoft Edge,
i dont have a built-in-anti-phishing-protection, right?

so i need the microsoft browser with smartscreen to get the full protection class?

correct, but the smartscreen will scan downloads from firefox(?)
on other side, it doesnt slow your browsing down

 

[ForgottenSeer 72227]

one question for the WD-experts -> If I use the win defender with firefox and NOT with the Microsoft Edge,
i dont have a built-in-anti-phishing-protection, right?

so i need the microsoft browser with smartscreen to get the full protection class?

If I'm not mistaken (please correct me if I'm wrong) smartscreen in Edge will work regardless if WD is enabled or not. Firefox has protection built in via Google's malicious protection, so you don't need to add anything else technically. WD will scan files as they are downloaded.

As for phishing its smartscreen that is doing the heavy lifting not WD. If you want you can add an extension like Malwarebytes if you feel like you need more. Phishing sites aren't particularly harmful for the most part unless you enter your info. If you haven't already aside from browser protection, make sure you know how to spot a phishing site with your own eyes as well. More often then not just by looking at the url will give it away.

 

[Eddie Morra]

but the smartscreen will scan downloads from firefox(?)

If Windows Defender is enabled and SmartScreen is enabled system-wide, then yes, downloads will be scanned on-execution by it as well (e.g. for executables, etc.) whether you're using Microsoft Edge, Chrome or Firefox. However, @Raiden summed it up brilliantly for the actual browsing side for web protection IMO.

@Andy Ful has done work which is open for anyone to use which can enhance SmartScreen though AFAIK. He will be able to tell you more about it and how his work can help you with SmartScreen usage.

 

[Andy Ful]

one question for the WD-experts -> If I use the win defender with firefox and NOT with the Microsoft Edge,
i dont have a built-in-anti-phishing-protection, right?

so i need the microsoft browser with smartscreen to get the full protection class?

correct, but the smartscreen will scan downloads from firefox(?)
on other side, it doesnt slow your browsing down

When using FireFox, the malicious website will not be blocked by SmartScreen.
SmartScreen will check the executables downloaded via FireFox when you will try to execute them.
FireFox has built-in 'Phishing and Malware Protection':
"When you download an application file, Firefox checks the site hosting it against a list of sites known to contain "malware". If the site is found on that list, Firefox blocks the file immediately, otherwise it asks Google’s Safe Browsing service if the software is safe by sending it some of the download’s metadata."
How does built-in Phishing and Malware Protection work? | Firefox Help
The open question is if FireFox downloads are compatible with WD cloud protection. The malware demo samples downloaded from the WD demo web page, are totally ignored by WD cloud protection. They are detected when using Edge and Google Chrome.

Edit.
I pushed my post too late, you have got two excellent answers, already.

 

[amico81]

thx for your answers. :emoji_ok_hand:
that's actually the reason for me not to use the WD.
because i dont like the edge browser and my fear are not malicious downloads, rather nasty phishing sites.

Yes sure, i can improve this protection in my browser with addons....and yes i do this ( with bitdefender traffic light 3.0 and Netcraft),
but I like it to have a little support from my av ( like kaspersky,norton,eset, etc.)

 

[Andy Ful]

My post was a reply to the claim that 3rd party publishers just whine and complain that Microsoft is doing everything it can to put them out of business. It's not some kind of fallacy or conspiracy theory that 3rd party publishers just came up with. Courts have repeatedly censured Microsoft for abusing its position and acting as a monopoly.

As far as Windows Defender and Windows security, it just isn't a very good solution - its usability is terrible, there is virtually no documentation, there is no support unless the consumer pays Microsoft $100, it is prone to high infection rates because it will fail easily in the hands of those who are not security conscious. Pro pen-testers have proven that time and again. So people are most definitely better off with any of the better 3rd party security products.

The only ones who can really benefit from Windows Defender and Windows security are geeks that tweak - and that is essentially turning Windows security into a wholly default-deny protection model. Even then there's a bunch of problems that I have seen in my tests.

I remember years ago people saying "Look, Windows security is getting so awesome... now we have Microsoft Security Essentials." It's no different today. Everyone wants to tout way-overcomplicated "improvements."

Even more telling is the fact that Windows Defender ATP is not doing very well in the marketplace. There just hasn't been a whole lot of interest in the product for the same reasons... IT Pros don't wanna deal with a product that has little to no documentation, that is expensive, is a pain to use, etc.

I just find it curious that people will defend Microsoft when the security it puts onto Home versions is a half-baked version of protection clearly meant for IT Pro E5 level. Windows Home security is a mere afterthought. So Microsoft isn't doing any favors for any home user - because the very people who need the full featured security the most don't get it. And even if they did get it, they couldn't use it because Microsoft doesn't focus on usability nor documentation. What a mess. And it's all Microsoft's doing.

Thanks. So, we have an open question:
Can WD be usable to the average user?

In my opinion, WD can compete with any free AV, when the user is not a happy-clicker, does not engage in high-risk behaviors or use cracks & pirated software, does not frequently transfer data through the external drives/flash drives, etc.
I excluded the paid security software, because WD is free. We should also exclude most of MT members, because they are not average at all. So, the average users will be rather adult people who use the computers for browsing the Internet, playing media, displaying photos, using email clients, reading/editing documents, running already installed applications.
Most of them do not use Windows Explorer and cannot tweak any AV, but can use the shortcuts from the Start Menu and Desktop. The average user can hardly get help from the advanced user when the issues arise with: the broken updates, software conflicts after system & software updates, malware infections, etc.
Those people simply use the computer with Windows 10, because no one told them to buy the Cromebook.

It would be good if everyone posted freely, his/her opinion.
Thanks.

 

[amico81]

I have the same opinion like @Andy Ful
My dad is 60 years old...he has heard things about phishing and malware in the daily newspaper.
but i'm sure he would fall into the trap if he get a good phishing mail of his bank or a malicious pop up for a "driver update".
so he need kaspersky internet security with firefox addons for more protection....he cannot tweak the defender or act after messages from the smartscreen alert.

 

[oldschool]

Just who is the "average" user? This is the problem. I have a casual friend who has McAphee through Staples (she must have paid the really over-inflated price!). She bit on the MS Tech Support scam - hook, line and sinker. Doesn't have a clue! So, did a paid full security suite save her? NO. Staples service saved her - at a premium price! I have a brother in law who is no computer geek, but is smart (He successfully owned and operated a 1 man machine shop for years.) He slapped Avast Free and MBAM Free on his machine and he and his wife have never had a problem. So, who is the average user?

I know a lot people who use the Avast/MBAM combo, but some of them have been advised to use this combo. I also know people who use Sophos Free (not highly regarded by some here on MT!) and no infections. So, most smart people who are not geeks may prefer 3rd party AVs but this does not preclude smart non-geek users from using WD and staying completely secure. No matter what the facts are about WD and MS, most infections are user-dependent. We even might say many smart non-geeks see and rely a lot of reviews for Avast. So we are back to the question: Is the "average user" the smart, non-geek person or the completely clue-less, ignorant person?

My point is that the smart non-geek may simply not be aware that WD is available and/or improved over the years because they've been deluged with Avast/PC Mag marketing and, more importantly, that there is no "average user". For the truly ignorant there may be no solution at all.

 

[Moonhorse]

I have the same opinion like @Andy Ful
My dad is 60 years old...he has heard things about phishing and malware in the daily newspaper.
but i'm sure he would fall into the trap if he get a good phishing mail of his bank or a malicious pop up for a "driver update".
so he need kaspersky internet security with firefox addons for more protection....he cannot tweak the defender or act after messages from the smartscreen alert.

Last week my mother called me, asking ''whats kasper ky''.....she werent brave enough to continue signing to bank site until i told it was the antivirus and everything is fine

And she really was angry on me, asked how i dare ( im brave enough) to install russian antivirus on her computer

 

[509322]

Just who is the "average" user? This is the problem. I have a casual friend who has McAphee through Staples (she must have paid the really over-inflated price!). She bit on the MS Tech Support scam - hook, line and sinker. Doesn't have a clue! So, did a paid full security suite save her? NO. Staples service saved her - at a premium price! I have a brother in law who is no computer geek, but is smart (He successfully owned and operated a 1 man machine shop for years.) He slapped Avast Free and MBAM Free on his machine and he and his wife have never had a problem. So, who is the average user?

I know a lot people who use the Avast/MBAM combo, but some of them have been advised to use this combo. I also know people who use Sophos Free (not highly regarded by some here on MT!) and no infections. So, most smart people who are not geeks may prefer 3rd party AVs but this does not preclude smart non-geek users from using WD and staying completely secure. No matter what the facts are about WD and MS, most infections are user-dependent. We even might say many smart non-geeks see and rely a lot of reviews for Avast. So we are back to the question: Is the "average user" the smart, non-geek person or the completely clue-less, ignorant person?

My point is that the smart non-geek may simply not be aware that WD is available and/or improved over the years because they've been deluged with Avast/PC Mag marketing and, more importantly, that there is no "average user". For the truly ignorant there may be no solution at all.

The typical user is not the western hemisphere-centric user. Most people that use Windows are computer illiterate or close to it. They might have heard about malware, security softs, and IT security matters generally. However, on average they are not equipped to cope with IT security complexities such as tweaks. I'd say in the western hemisphere the typical user is one that might install free AV - most of the time it is Avast Free and\or Malwarebytes free because it is promoted so heavily. And why do they install 3rd party softs ? Because the general consensus is that they are better off with a 3rd party security soft.

We once had a girl here at MT that obviously was a college student and was asking how to remove Windows Defender - because she thought it was a rogue antivirus. She was\is a typical user.

The only thing that security software represent are insurance policies. Some are a whole lot better than others with Windows Defender always at or near the bottom of the list.

Yes, it is correct that many infections are triggered by a user. On the whole, Windows Defender does not protect users to the same extent that a 3rd party solution will. Windows Defender by design has holes in its protections. One only need to pay attention to the statistics that matter - which isn't some AV test lab report.

 

[Andy Ful]

Just who is the "average" user?

1. Can turn on - log in and turn off the computer.
2. Does not know anything about computer security.
3. Cannot tweak the AV and Windows settings.
4. Can do only basic things, like running/opening files from Start Menu or Desktop.
5. Knows how to use a web browser and already installed applications.
6. Knows how to download/open/run the files from a web browser.
7. Do not understand the computer terminology.

Shortly, the average user can use the computer only for the basic tasks, without any knowledge about security, exploring the disks, managing the computer, changing the computer settings.
We can improve this list If it is incomplete.

My recommended setup for the average user (no cracks, risky activities, etc.):
WD default settings + SmartScreen set to Block + disabled Windows scripts + a few Universal Applications from Microsoft Store for viewing/printing documents. MS Office or Adobe Acrobat Reader not installed.

The above setup (set and forget) can be done in about 15 minutes. Any MT member can probably do it without a problem. Downloading/installing/tweaking any free AV can take probably more time.
This is not the setup for MT members.

 

[Eddie Morra]

My dad is 60 years old...he has heard things about phishing and malware in the daily newspaper.
but i'm sure he would fall into the trap if he get a good phishing mail of his bank or a malicious pop up for a "driver update".

Test it.

Ask him for consent to test him. 2 weeks later, tell him he passed the test and didn't fall for the trap. 2 more weeks later, perform the test... and see whether he falls for the bait or not.

 

[Weebarra]

1. Can turn on - log in and turn off the computer.
2. Does not know anything about computer security.
3. Cannot tweak the AV and Windows settings.
4. Can do only basic things, like running/opening files from Start Menu or Desktop.
5. Knows how to use a web browser and already installed applications.
6. Knows how to download/open/run the files from a web browser.
7. Do not understand the computer terminology.

Shortly, the average user can use the computer only for the basic tasks, without any knowledge about security, exploring the disks, managing the computer, changing the computer settings.
We can improve this list If it is incomplete..

Wow, this is an excerpt from my autobiography, finally i have a title to my name "average user"

Sorry for going O/T but i couldn't resist :devil: this is just about true for me.

 

[DeepWeb]

I disagree with the idea of the average Windows user here. The average Windows users are far more knowledgeable than you guys like to admit. Just look at the numbers. We are not the only ones who use a 3rd party AV. Anyone who has used Windows for at least 1 generation knows that they need an antivirus and that they need to be careful of what to click on the Internet and that they can install useful browser extensions that block ads and improve privacy. Many do understand terminology and they will google what they don't know and they know that they can tweak Windows settings but many gave up because Windows 10 is too complicated. It's not that they are not tech savvy, Windows 10 is a UX and UI disaster compared to something like Windows 7.

Microsoft uses non-standard terminology just look at Windows Defender which is really Microsoft Security Essentials renamed. But then they renamed it again to Windows Defender Antivirus. Things that have universal terms in Unix and Linux have different terms in Windows for no reason. The Windows environment does not allow people to fully understand how their computers work with all of its hidden folders, some things are here, other things are there. Unless you grew up with Windows you will never understand it. It makes zero sense so most people will give up on tweaking Windows. They do care about using their computers securely but they don't know where to start and that's Microsoft's fault. Just look at Exclusions in Windows Defender. No other menu has ever bothered me so much in my life. Is it enough to just type the program.exe or do I have to list the entire file path? No clue until this day and from the way WD behaved neither way seem to work. The entire UI/UX makes Windows Defender feel like an afterthought like "oh yeah, we also did that but nobody cares" And Windows Firewall looks like from Vista era.

tl:dr Average user knows that they need protection but Windows 10's UX/UI is too inconsistent to be understandable and user interfaces of software do not make the effort to explain themselves to the user anymore.

 

[Andy Ful]

Wow, this is an excerpt from my autobiography, finally i have a title to my name "average user"

Sorry for going O/T but i couldn't resist :devil: this is just about true for me.

I am afraid that you are above the average because of the 7th point, at least. You understand the computer terminology (MT = Malware Tips).
Anyway, your sense of humor is very refreshing.

 

[509322]

I disagree with the idea of the average Windows user here. The average Windows users are far more knowledgeable than you guys like to admit. Just look at the numbers. We are not the only ones who use a 3rd party AV. Anyone who has used Windows for at least 1 generation knows that they need an antivirus and that they need to be careful of what to click on the Internet and that they can install useful browser extensions that block ads and improve privacy. Many do understand terminology and they will google what they don't know and they know that they can tweak Windows settings but many gave up because Windows 10 is too complicated. It's not that they are not tech savvy, Windows 10 is a UX and UI disaster compared to something like Windows 7.

Microsoft uses non-standard terminology just look at Windows Defender which is really Microsoft Security Essentials renamed. But then they renamed it again to Windows Defender Antivirus. Things that have universal terms in Unix and Linux have different terms in Windows for no reason. The Windows environment does not allow people to fully understand how their computers work with all of its hidden folders, some things are here, other things are there. Unless you grew up with Windows you will never understand it. It makes zero sense so most people will give up on tweaking Windows. They do care about using their computers securely but they don't know where to start and that's Microsoft's fault. Just look at Exclusions in Windows Defender. No other menu has ever bothered me so much in my life. Is it enough to just type the program.exe or do I have to list the entire file path? No clue until this day and from the way WD behaved neither way seem to work. The entire UI/UX makes Windows Defender feel like an afterthought like "oh yeah, we also did that but nobody cares" And Windows Firewall looks like from Vista era.

tl:dr Average user knows that they need protection but Windows 10's UX/UI is too inconsistent to be understandable and user interfaces of software do not make the effort to explain themselves to the user anymore.

Knowing that one needs AV is not sufficient. Being able to Google stuff is not sufficient. That people cannot figure out Windows security is the central issue being discussed. As you point out, from their perspective Windows 10 security is too complicated.

On average, a user is better able to cope with 3rd party software than Windows security because Windows security has poor usability, very poor documentation, and is highly cryptic.

 

[Andy Ful]

I disagree with the idea of the average Windows user here...

The 'average user' terminology is somewhat symbolic, because no one can measure such average. We have to agree to something as a starting point, because otherwise the whole thread will be misguiding, and quickly you will see very emotional and defensive posts.
Do you have some propositions to change it?