Microsoft's play with Windows Defender: What are they aiming for?

[Windows Defender Shill]

* They finally realized security should be a default component of any operating system.
Esp one as prevalent and open as Windows.

* Security is a BIG reason why many people switched from Windows to Mac or Chromebook.

* Malware is no longer just for the lols. It's produced by organized crime and nation states.

* Herd protection within the Windows ecosystem. Removing a virus on one computer can prevent it from spreading to another.


Anti Trust issue:

* I can't imagine any American ( I don't know about Europe) court system not easily recognizing the need for a Windows computer to have built in adequate security in 2017. Almost everyone has had experience with malware now

* Microsoft should be able to easily make the case their product will not function correctly without an AV or some security measure. And their customers should not be forced to rely on third party.

*Despite the comments from Kaspersky, Microsoft does not prevent the installation of third party AVs. Nor are they producing a default AV that outperforms the leading 3rd party AVs.

*Remember Anti-Trust laws were developed to protect the consumer not to endanger it. A ruling against Windows Defender would do just that.

*Microsoft should be able to argue installing, updating and resubscribing to third party AVs can be a technical difficulty for many Windows users.

 

[ForgottenSeer 19494]

* They finally realized security should be a default component of any operating system.
Esp one as prevalent and open as Windows.

* Security is a BIG reason why many people switched from Windows to Mac or Chromebook.

* Malware is no longer just for the lols. It's produced by organized crime and nation states.

* Herd protection within the Windows ecosystem. Removing a virus on one computer can prevent it from spreading to another.


Anti Trust issue:

* I can't imagine any American ( I don't know about Europe) court system not easily recognizing the need for a Windows computer to have built in adequate security in 2017. Almost everyone has had experience with malware now

* Microsoft should be able to easily make the case their product will not function correctly without an AV or some security measure. And their customers should not be forced to rely on third party.

*Despite the comments from Kaspersky, Microsoft does not prevent the installation of third party AVs. Nor are they producing a default AV that outperforms the leading 3rd party AVs.

*Remember Anti-Trust laws were developed to protect the consumer not to endanger it. A ruling against Windows Defender would do just that.

*Microsoft should be able to argue installing, updating and resubscribing to third party AVs can be a technical difficulty for many Windows users.

Perfectly said. Period.

 

[Windows Defender Shill]

"Just as everyone said, They're going for a baseline security app.

which is exactly what it is to me. I decided to put it side by side against Bitdefender free in VM's yesterday (scanning detections, no execution) and it failed miserably. Out of the pack that I scanned (forgot the total # of samples)

Defender Detected 2
Bitdefender free detected 13

As someone said in a thread I was reading yesterday: I'm not ready to wake windows defender up from its graveyard "

If you're not convinced try the following settings

Windows Defender - On
Smartscreen set to block
Windows firewall - On
And "allow apps from the Store only" in App settings.

If you can get malware running on your system pass that, I and probably Microsoft want to know about it.

Sorry about butchering this reply

But for reasons unknown this site does not have a delete button.

 

[ForgottenSeer 19494]

"Just as everyone said, They're going for a baseline security app.

which is exactly what it is to me. I decided to put it side by side against Bitdefender free in VM's yesterday (scanning detections, no execution) and it failed miserably. Out of the pack that I scanned (forgot the total # of samples)

Defender Detected 2
Bitdefender free detected 13

As someone said in a thread I was reading yesterday: I'm not ready to wake windows defender up from its graveyard "

If you're not convinced try the following settings

Windows Defender - On
Smartscreen set to block
Windows firewall - On
And "allow apps from the Store only" in App settings.

If you can get malware running on your system pass that, I and probably Microsoft want to know about it.

Sorry about butchering this reply

But for reasons unknown this site does not have a delete button.

I once did this. Not the malware. The settings.

Spoiler: Hint

It was just for an hour.

 

[S3cur1ty 3nthu5145t]

It was as admit with smartscreen disabled. But I didn't execute the samples. Was just testing static detection.

Just static testing is pointless now days. None of the "raw" AV's will fair well against zero day samples, they simply can not push out the signatures quick enough. That is why many 3rd party ones have other modules.

I'm willing to bet if you had executed with smartscreen enabled, you would have been prompted for each sample, thus provided a chance to block all samples before execution by clicking the big "don't run" button. It is not often a sample will slide past both uac and smart screen.

If you really would like to make it interesting, leave Windows Defender Enabled when you drop that sample pack on the system and as you extract them.

P.s. if you are going to just test statically, make sure those samples are fresh "less then 24 hours old" and in the wild, as those criteria are all that would matter doing so.

 

[RoboMan]

Thanks for the responses guys. A nice debate was formed and it's really pleasure to read it.

 

[SaeedLohana]

Why would a software developer try so hard to offer a free product? What are we missing? Delight us with your answer and thoughts.

not every home user gets a premium anti virus, if more people would get hacked, more insult would go in the account of Microsoft, they are saving their reputation by making windows more secure through other techniques and defender. They won't make it a separate paid product, it's a part of windows, they can't simply ask users pay for defender or we are removing it from your PC making you un-/in-secure on our windows platform.

 

[Windows_Security]

Agree with SaeedLihana preventing bad press fpr their flagship product Windows on the desktop. Because Windows is on the desktop microsoft sells a lot of other products in the corporate environment (azure, dynamics, sharepoint, SQL-server etc) which always rate best when it comes to compatibility. So they are defending their desktop position after the lessons learned on the server market (Windows Server has lost market share to Unix based servers).

Furthermore they still have hope to increase market share on the tablet market with Windows 10. Usually tablets have low storage capacity so most consumers are not willing to buy an AntiVirus for their tablet. Microsoft is selling their own hardware now, so a good AV like WD serves a clear purpose for Microsoft.

 

[TheMalwareMaster]

"Just as everyone said, They're going for a baseline security app.

which is exactly what it is to me. I decided to put it side by side against Bitdefender free in VM's yesterday (scanning detections, no execution) and it failed miserably. Out of the pack that I scanned (forgot the total # of samples)

Defender Detected 2
Bitdefender free detected 13

As someone said in a thread I was reading yesterday: I'm not ready to wake windows defender up from its graveyard "

If you're not convinced try the following settings

Windows Defender - On
Smartscreen set to block
Windows firewall - On
And "allow apps from the Store only" in App settings.

If you can get malware running on your system pass that, I and probably Microsoft want to know about it.

Sorry about butchering this reply

But for reasons unknown this site does not have a delete button.

"Allow apps from the store only". Where can I set that? I'd like to make a test

 

[S3cur1ty 3nthu5145t]

"Allow apps from the store only". Where can I set that? I'd like to make a test

In the Windows Defender Security Center under Apps and Browser Control.

 

[RoboMan]

Q: Do you guys think Microsoft will ever make any paid security software? Like add special features to WD that you have to pay for, or add extra layers of security to the system that may require a version update? (Pro to Enterprise). Maybe a whole different security product like anti ransomware on its own (not built-in).