AVLab.pl Advanced In-The-Wild Malware Test - Summary 2025 & Product of-the-year 2026

[Adrian Ścibor]

Just remove Kaspersky and other AVs from the "honor board" of tested products, and keep only those which fulfilled the criteria to have their results dispalyed.

Not sure removing it will be right as they will say we are not unwilling to perform all tests.

As you can see, there is no good choice, but we can think about it.

We also test startups, solutions that are just entering the market and require certification in accordance with the Microsoft Virus Initiative. We provide them with this.

Creating a dedicated product card for a solution that has been tested 1/6 times a year is probably not appropriate if it does not qualify for an award.

Perhaps instead, we could simply write which solutions did not meet the 3/6 test threshold and in which months they were tested, so that the results can be quickly found on our website.

Your own report assigns Microsoft Defender a 31% score in the Web Layer. You have visualized the penalty yourself. By categorizing 69% of the threats as "missed" by the browser and "caught" by the kernel, you have proven that the browser layer failed 69% of the time. You cannot publish a failing grade (31%) and then claim the grade implies no penalty.

You can interpret the test as meaning that protection failed 69% of the time in the browser.

As I mentioned, we do not add negative points for this. The final Combined Protection score is made up of the PRE + POST levels = Total %. That's why Microsoft continues to receive the award of the year 2026 from us.

 

[ForgottenSeer 123960]

As you can see, there is no good choice, but we can think about it.

We also test startups, solutions that are just entering the market and require certification in accordance with the Microsoft Virus Initiative. We provide them with this.

Creating a dedicated product card for a solution that has been tested 1/6 times a year is probably not appropriate if it does not qualify for an award.

Perhaps instead, we could simply write which solutions did not meet the 3/6 test threshold and in which months they were tested, so that the results can be quickly found on our website.

You can interpret the test as meaning that protection failed 69% of the time in the browser.

As I mentioned, we do not add negative points for this. The final Combined Protection score is made up of the PRE + POST levels = Total %. That's why Microsoft continues to receive the award of the year 2026 from us.

Your testing methodology is flawed because it treats Microsoft Defender as a standalone binary, while treating competitors as full "Suites" with browser extensions.

Microsoft’s primary web-protection engine, SmartScreen, is natively integrated into Microsoft Edge. By forcing the test through Firefox without mentioning the installation of the "Microsoft Defender Browser Protection" extension, the lab effectively bypasses Defender's strongest web-filtering "hooks.

This reflects on the product regardless of your awards. As you stated, others can interpret.

 

[Adrian Ścibor]

Your testing methodology is flawed because it treats Microsoft Defender as a standalone binary, while treating competitors as full "Suites" with browser extensions.

Microsoft’s primary web-protection engine, SmartScreen, is natively integrated into Microsoft Edge. By forcing the test through Firefox without mentioning the installation of the "Microsoft Defender Browser Protection" extension, the lab effectively bypasses Defender's strongest web-filtering "hooks.

This reflects on the product regardless of your awards. As you stated, others can interpret.

Since the November 2025 edition and now in January 2026 (publication coming soon), we have been using the Opera browser, Chromium engine with the MS Defender extension, where in November the MS Defender score was 97.95 at the Pre-Execution level.

Unlike Google Chrome, Microsoft Edge, or Brave, which integrate their own download managers into the browser interface, Opera retains the native Windows dialog. This allows the download automation process to run stably and predictably, without the need for additional workarounds. Switching to Opera does not affect the quality of analysis or the effectiveness of automation. Opera uses the same Chromium engine as Chrome, Edge, and Brave, maintaining full compatibility with security vendors' extensions.

 

[ForgottenSeer 123960]

Since the November 2025 edition and now in January 2026 (publication coming soon), we have been using the Opera browser, Chromium engine with the MS Defender extension, where in November the MS Defender score was 97.95 at the Pre-Execution level.

Unlike Google Chrome, Microsoft Edge, or Brave, which integrate their own download managers into the browser interface, Opera retains the native Windows dialog. This allows the download automation process to run stably and predictably, without the need for additional workarounds. Switching to Opera does not affect the quality of analysis or the effectiveness of automation. Opera uses the same Chromium engine as Chrome, Edge, and Brave, maintaining full compatibility with security vendors' extensions.

The report used to award Microsoft "Product of the Year 2025" is the one you provided, which clearly lists Firefox as the test browser and lacks any mention of the MS Defender extension.

 

[Adrian Ścibor]

The report used to award Microsoft "Product of the Year 2025" is the one you provided, which clearly lists Firefox as the test browser and lacks any mention of the MS Defender extension.

That was a year ago.

It would be easier for me to address the details if you could specify exactly what you object to by providing a quote in the text or a page, URL link.

 

[ForgottenSeer 123960]

That was a year ago.

It would be easier for me to address the details if you could specify exactly what you object to by providing a quote in the text or a page, URL link.

I'm quite tired of the dance. You just posted this in this thread, and in it states you used Firefox.

 

[ForgottenSeer 116559]

Honestly, my biggest takeaway was the tangible difference between Norton and Avast. Simply revelatory.

Looking back on last year of AV-Comparatives tests, I've taken for granted the repeatedly identical results between them.

I wonder if certain improvements will find their way to the Avast/AVG side. Norton still offers unique features as the premium brand if protection components are brought to parity.

 

[Halp2001]

As far as I know, Microsoft discontinued support for the MDBP extension and focused on integrating full web protection into Edge. That’s why the results in other browsers look different: they reflect Defender’s current strategy more accurately.

 

[ForgottenSeer 123960]

As far as I know, Microsoft discontinued support for the MDBP extension and focused on integrating full web protection into Edge. That’s why the results in other browsers look different: they reflect Defender’s current strategy more accurately.

The Consumer extension for Chrome/Chromium is still very much alive and updated as of February 2026.

Because there is no Microsoft Defender extension for Firefox, and Firefox does not natively support Microsoft's SmartScreen, the lab's decision to use Firefox in 2025 effectively disabled Defender's browser-level security.

 

[Adrian Ścibor]

I'm quite tired of the dance. You just posted this in this thread, and in it states you used Firefox.

I am too. The summary covers the entire year of testing in 2025 from Advanced In-The-Wild Malware Test, and the awards are marked for 2026.

Please show me where the word “Firefox” appears in the article or PDF, because my browser and PDF editor cannot locate it. Otherwise, please refrain from trolling.

The Consumer extension for Chrome/Chromium is still very much alive and updated as of February 2026.

Because there is no Microsoft Defender extension for Firefox, and Firefox does not natively support Microsoft's SmartScreen, the lab's decision to use Firefox in 2025 effectively disabled Defender's browser-level security.

I wouldn't exaggerate this exclusion of protection. Many users consciously choose neither Edge, Chrome, nor Opera, but Firefox. And they have good reasons for doing so. This topic has been discussed many times in our tests in previous publications from 2025 and has been explained.

If you disagree with the methodology, that's OK. I always say that there are several other labs where you can follow them.

Microsoft has focused so much on its own browser that it has forgotten about the others. It is a monopolist, so its security should not depend solely on one browser or one browser-engine.

 

[ForgottenSeer 123960]

I am too. The summary covers the entire year of testing in 2025 from Advanced In-The-Wild Malware Test, and the awards are marked for 2026.

Please show me where the word “Firefox” appears in the article or PDF, because my browser and PDF editor cannot locate it. Otherwise, please refrain from trolling.


I wouldn't exaggerate this exclusion of protection. Many users consciously choose neither Edge, Chrome, nor Opera, but Firefox. And they have good reasons for doing so. This topic has been discussed many times in our tests in previous publications from 2025 and has been explained.

If you disagree with the methodology, that's OK. I always say that there are several other labs where you can follow them.

Microsoft has focused so much on its own browser that it has forgotten about the others. It is a monopolist, so its security should not depend solely on one browser or one browser-engine.

Really, it's in the PDF.