Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Software
Security Apps
Microsoft Defender
How good is Microsoft Defender's protection now in 2024?
Message
<blockquote data-quote="bazang" data-source="post: 1105351" data-attributes="member: 114717"><p>Really? Which one?</p><p></p><p></p><p>No. It will not be enough. I am not talking about grabbing some malware samples and Microsoft Defender detects them by either via signature or reputation. I am talking about when it does not detect by signature or by reputation.</p><p></p><p>What really matters is what the security solution does - or more importantly what it does not do - in a case where it is bypassed.</p><p></p><p></p><p>It is true to some extent to all of them. Some more than others. Microsoft Defender is only a top signature detection solution. To provide truly effective security, Windows must be hardened. Microsoft Defender is not nearly enough. It is decent for "I download a file now-and-then" types of users.</p><p></p><p>People here fail to grasp the reality. The reality is that Windows - and Microsoft Defender - are the most targeted systems in userland. Daily, tens of thousands of threat actors are able to defeat Microsoft Defender. Even hardened systems get borked if they are not configured properly.</p><p></p><p></p><p>AVLab.pl has consistently shown that Microsoft Defender is not very good against banking trojans that get past the signatures. The evidence is irrefutable.</p><p></p><p>AVLab.pl has shown it to be true of both consumer and enterprise versions of Microsoft Defender. Same has been done by MRG Effitas and others.</p><p></p><p>Making a distinction between home and enterprise users is not helpful. It is a distraction from the fact that when it comes to banking trojans, Microsoft Defender is not as good as other solutions. That is because Microsoft never intended - by design - for Microsoft Defender to ever effectively deal with such malware. Defender is a limited-scope solution that is meant to be supplemented by fully integrating it into the full suite of Microsoft's other security. At the consumer\home user level, Microsoft makes Microsoft Defender the bare minimum baseline. It does not even want home users to tinker with it.</p><p></p><p><span style="color: rgb(184, 49, 47)">If the user is paranoid about doing financial transactions on their Windows system - as it appears the OP is, then Microsoft Defender is not sufficient. Period. It has been proven. Now whether or not the user will ever download and execute a banking trojan - nobody can say and therefore it is irrelevant. If it is possible, no matter how small the probability, then it matters to someone who has a heightened concern about "What could potentially happen?"</span></p><p></p><p>I work in regulated industries such as the financial and defense sectors. Nobody that I know of has ever used Bitdefender SafePay or Kaspersky SafeMoney. Not even enterprise versions. Those kinds of solutions cannot even satisfy the security requirements of the applicable regulations.</p><p></p><p></p><p>Yeah. So what? Detection by signature. Microsoft Defender is known to provide decent signature detection. That is not what I was ever talking about. I was talking about when it does not detect.</p><p></p><p>You do realize that thousands of malware get past Microsoft Defender every single day out in the real world, right? Do you know how to simulate such a real world scenario without disabling any protections?</p><p></p><p>Learn how to code your own banking trojan, then test it. You will see what I am talking about.</p></blockquote><p></p>
[QUOTE="bazang, post: 1105351, member: 114717"] Really? Which one? No. It will not be enough. I am not talking about grabbing some malware samples and Microsoft Defender detects them by either via signature or reputation. I am talking about when it does not detect by signature or by reputation. What really matters is what the security solution does - or more importantly what it does not do - in a case where it is bypassed. It is true to some extent to all of them. Some more than others. Microsoft Defender is only a top signature detection solution. To provide truly effective security, Windows must be hardened. Microsoft Defender is not nearly enough. It is decent for "I download a file now-and-then" types of users. People here fail to grasp the reality. The reality is that Windows - and Microsoft Defender - are the most targeted systems in userland. Daily, tens of thousands of threat actors are able to defeat Microsoft Defender. Even hardened systems get borked if they are not configured properly. AVLab.pl has consistently shown that Microsoft Defender is not very good against banking trojans that get past the signatures. The evidence is irrefutable. AVLab.pl has shown it to be true of both consumer and enterprise versions of Microsoft Defender. Same has been done by MRG Effitas and others. Making a distinction between home and enterprise users is not helpful. It is a distraction from the fact that when it comes to banking trojans, Microsoft Defender is not as good as other solutions. That is because Microsoft never intended - by design - for Microsoft Defender to ever effectively deal with such malware. Defender is a limited-scope solution that is meant to be supplemented by fully integrating it into the full suite of Microsoft's other security. At the consumer\home user level, Microsoft makes Microsoft Defender the bare minimum baseline. It does not even want home users to tinker with it. [COLOR=rgb(184, 49, 47)]If the user is paranoid about doing financial transactions on their Windows system - as it appears the OP is, then Microsoft Defender is not sufficient. Period. It has been proven. Now whether or not the user will ever download and execute a banking trojan - nobody can say and therefore it is irrelevant. If it is possible, no matter how small the probability, then it matters to someone who has a heightened concern about "What could potentially happen?"[/COLOR] I work in regulated industries such as the financial and defense sectors. Nobody that I know of has ever used Bitdefender SafePay or Kaspersky SafeMoney. Not even enterprise versions. Those kinds of solutions cannot even satisfy the security requirements of the applicable regulations. Yeah. So what? Detection by signature. Microsoft Defender is known to provide decent signature detection. That is not what I was ever talking about. I was talking about when it does not detect. You do realize that thousands of malware get past Microsoft Defender every single day out in the real world, right? Do you know how to simulate such a real world scenario without disabling any protections? Learn how to code your own banking trojan, then test it. You will see what I am talking about. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
