- Jul 22, 2014
- 67
- Content source
- https://youtu.be/snImtCq-WBw
In what way?Windows Defender is getting better but also been heavy on the system for quite some time.
In what way?
I have never seen any sort of slowdown that those reports ever show. That's why I'm curious.I think it's mentioned in one AV-Comparatives report.
I have never seen any sort of slowdown that those reports ever show. That's why I'm curious.
Intentionally, I don't think he does. Andy may have, does have, more insight than Leo?So in other words he finds another way to bash Defender
So in other words he finds another way to bash Defender
Yeah I was thinking flooding the cloud signatures with requests probably lead to it going past the timeout window. With a good internet connection the 10 second timeout should be sufficient for most people who come across malware.That one miss wouldn't have happened if he manually ran each sample one by one. So, it's nothing to do with increasing Defender's protection. The gangbang approach is a faulty method as we have discussed before. In a perfect scenario of course, Defender should have stopped that ransomware since they already have signatures for it. So, it's a strange behavior to miss that because products like Avast, Bitdefender, ESET, Kaspersky, etc. don't miss detecting samples for which they already have local signatures. But since this testing method is not a real-world scenario, we can somewhat ignore it. Defender have other dangerous issues like malware adding exclusions to it.
I know these continue to come up and get fixed, but I thought this wasn't an issue on W11 and fixed on W10 right now?Defender have other dangerous issues like malware adding exclusions to it.
Yeah, that happens but in this case, Leo tested old samples. So pretty sure that the signature for that ransomware was already present locally. So, the issue is a bit different. Maybe it gets overwhelmed by all that malware at once and let one or two slip away sometimes. This doesn't happen with all products.Yeah I was thinking flooding the cloud signatures with requests probably lead to it going past the timeout window. With a good internet connection the 10 second timeout should be sufficient for most people who come across malware.
Tamper protection has become stronger but from what I see, that doesn't cover exclusions. So, exclusions can still be added on Windows 11 systems. If such malware can bypass Defender's pre-execution static analysis, then it can't stop them from adding exclusions to it. Even some legit programs do this to avoid performance impact.I know these continue to come up and get fixed, but I thought this wasn't an issue on W11 and fixed on W10 right now?