Advice Request Is Windows Defender just as good as any other free antivirus solution?


Andy Ful

From Hard_Configurator Tools
Dec 23, 2014
Defender on Windows 10 has local AI + AI in the cloud (with malware detonation in the sandbox), so it can catch as many 0-day malware samples as any other good free AV. This is especially true for EXE, DLL, and SCR malicious files. That can be seen when analyzing the MRG Effitas tests for Q1 2018 and Q4 2017. The level of catching 0-day malware depends on Defender settings:
  • Cloud Protection Level: Default, High, Highest, Block (not available on Windows Home versions).
  • Cloud Check Time Limit (10-60 seconds, 10 sec. by default).
  • ASR rules (not activated by default).
  • Network Protection (not activated by default).
As in the case of other AVs, some 0-day malware can still fool the local AI (and sometimes the detonation procedure, too). Also, 0-day script & scriptlet malware (highly obfuscated) can still be dangerous.

The top paid AVs have some additional features like monitoring the network traffic, Anti-Exploit modules, etc., which can be useful for detecting 0-day malware (especially in Enterprises). Yet, such AVs should rather be compared to Windows Defender with ATP (paid subscription).
The performance of Windows Defender is below average when:
  • copying many files
  • opening folders with many executables
  • installing/uninstalling applications with many executables
  • managing the quarantine
  • performing the full scan
For daily tasks like web browsing, launching applications, reading/writing documents, and performing the quick scan, Defender behaves similarly to other AVs.
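An added example, not part of the post above: a PowerShell audit of the four settings the post lists, read from `Get-MpPreference`. The function name `Get-DefenderZeroDayPosture` is hypothetical, the sample object is constructed, and matching the post's "Highest" and "Block" levels to Microsoft's "High+" and "Zero tolerance" is an assumption.

```powershell
function Get-DefenderZeroDayPosture {
    # Defaults to the live configuration; pass a constructed object to run offline.
    param($Preference = (Get-MpPreference))

    # Numeric values reported by Get-MpPreference and Microsoft's names for them.
    $levelNames = @{ 0 = 'Default'; 1 = 'Moderate'; 2 = 'High'; 4 = 'High+'; 6 = 'Zero tolerance' }
    $stateNames = @{ 0 = 'Disabled'; 1 = 'Enabled (block)'; 2 = 'Audit' }

    $level = [int]$Preference.CloudBlockLevel
    $np    = [int]$Preference.EnableNetworkProtection
    # CloudExtendedTimeout holds extra seconds (0-50) added to the fixed 10-second
    # base, which gives the 10-60 second range mentioned in the post.
    $timeout = 10 + [int]$Preference.CloudExtendedTimeout

    # ASR actions are per-rule values: 0 = disabled, 1 = block, 2 = audit.
    $actions  = @($Preference.AttackSurfaceReductionRules_Actions)
    $blocking = @($actions | Where-Object { $_ -eq 1 }).Count
    $auditing = @($actions | Where-Object { $_ -eq 2 }).Count

    $levelText = $levelNames[$level]
    if (-not $levelText) { $levelText = "Unknown ($level)" }
    $npText = $stateNames[$np]
    if (-not $npText) { $npText = "Unknown ($np)" }

    # One row per setting; AtDefault flags values left as shipped.
    [pscustomobject]@{ Setting = 'Cloud Protection Level'; Value = $levelText
                       AtDefault = ($level -eq 0) }
    [pscustomobject]@{ Setting = 'Cloud Check Time Limit'; Value = "$timeout sec"
                       AtDefault = ($timeout -eq 10) }
    [pscustomobject]@{ Setting = 'ASR rules'; Value = "$blocking blocking, $auditing audit"
                       AtDefault = (($blocking + $auditing) -eq 0) }
    [pscustomobject]@{ Setting = 'Network Protection'; Value = $npText
                       AtDefault = ($np -eq 0) }
}

# Constructed sample mimicking an untouched configuration (not real output).
$sample = [pscustomobject]@{
    CloudBlockLevel                     = 0
    CloudExtendedTimeout                = 0
    EnableNetworkProtection             = 0
    AttackSurfaceReductionRules_Actions = $null
}
Get-DefenderZeroDayPosture -Preference $sample | Format-Table -AutoSize
```

Calling the function without `-Preference` on a Windows 10 machine reads the live Defender configuration instead of the sample.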