Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
Security Statistics and Reports
Learn more about Remediation Time – response time to security incidents (the results from protection test in January 2023)
Message
<blockquote data-quote="Andy Ful" data-source="post: 1025939" data-attributes="member: 32260"><p>OK. <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p><p>I am not sure how this choice can impact the results for AVs. It is not only the case with web browser extensions. For example, the BAFS (very important Defender 0-day protection) does not work properly with Firefox. In this case, it is rather the Firefox issue, because Defender is a part of the Windows system.</p><p></p><p>But, there is a more important issue related to Defender.</p><p>For some reason (probably due to API used for the automation), BAFS does not work properly in most AVLab tests. When BAFS works, then the macros and files like EXE, JS, VBS (downloaded directly from the Internet) are locked just after the download and checked against the cloud backend. So the files are detected mostly at the Pre-Launch level. That is how Defender works on most computers. On the contrary, in the AVLab tests, we can see the opposite results. I am not sure if Defender should be tested in such a scenario. It would be good to contact Microsoft to solve this issue.</p></blockquote><p></p>
[QUOTE="Andy Ful, post: 1025939, member: 32260"] OK. :) I am not sure how this choice can impact the results for AVs. It is not only the case with web browser extensions. For example, the BAFS (very important Defender 0-day protection) does not work properly with Firefox. In this case, it is rather the Firefox issue, because Defender is a part of the Windows system. But, there is a more important issue related to Defender. For some reason (probably due to API used for the automation), BAFS does not work properly in most AVLab tests. When BAFS works, then the macros and files like EXE, JS, VBS (downloaded directly from the Internet) are locked just after the download and checked against the cloud backend. So the files are detected mostly at the Pre-Launch level. That is how Defender works on most computers. On the contrary, in the AVLab tests, we can see the opposite results. I am not sure if Defender should be tested in such a scenario. It would be good to contact Microsoft to solve this issue. [/QUOTE]
Insert quotes…
Verification
Post reply
Top
