Windows Defender gets 100% in AV-Comparatives "Real-World Protection Test" Feb. 2018

509322

If the samples are checked by SmartScreen (they probably did not), the result will be close to 100%. SmartScreen Application Reputation has some limitations: for example, only BAT, CMD, JSE, VBE scripts can be checked, and most malware scripts are VBS, JS, PS1. Also, executables downloaded by macros in Office documents are ignored by SmartScreen. There is also a problem with properly measuring post-infection protection in the tests. So if one uses the above, without additional protection, Defender will score only an average (or below) detection rate.
But home users on Windows 10 can simply block Windows Script Host and set Constrained Language mode for PowerShell (2 simple reg tweaks) to get decent protection against most new malware samples in the wild.

That's the problem, the areas that SmartScreen ignores.
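
The two settings named in the quoted post can be audited with the script below. It is an added example, not part of the thread, and it only reads state. The post does not name the registry locations, so the `Enabled` value under the Windows Script Host `Settings` key and the machine-wide `__PSLockdownPolicy` environment variable are assumptions about which tweaks are meant.

```powershell
# Added example (not from the thread): read-only audit of the two settings.
# Assumption: these registry locations are the ones the post's "reg tweaks" target.
$WshKey = 'HKLM:\SOFTWARE\Microsoft\Windows Script Host\Settings'
$EnvKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Environment'

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # $null means the key or value is absent, which is the Windows default.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

function Test-ScriptHardening {
    # wscript.exe and cscript.exe refuse to run scripts when Enabled is 0.
    $wsh = Get-RegValue -Path $WshKey -Name 'Enabled'
    # Machine-wide __PSLockdownPolicy = 4 starts PowerShell in ConstrainedLanguage.
    $policy = Get-RegValue -Path $EnvKey -Name '__PSLockdownPolicy'
    # What this session actually runs as, regardless of how it was configured.
    $mode = $ExecutionContext.SessionState.LanguageMode

    [pscustomobject]@{
        Control  = 'Windows Script Host blocked'
        Observed = if ($null -eq $wsh) { 'Enabled not set (default: on)' } else { "Enabled=$wsh" }
        Hardened = ("$wsh" -eq '0')
    }
    [pscustomobject]@{
        Control  = 'PowerShell lockdown variable'
        Observed = if ($null -eq $policy) { '__PSLockdownPolicy not set' } else { "__PSLockdownPolicy=$policy" }
        Hardened = ("$policy" -eq '4')
    }
    [pscustomobject]@{
        Control  = 'Effective language mode (this session)'
        Observed = "$mode"
        Hardened = ("$mode" -eq 'ConstrainedLanguage')
    }
}

Test-ScriptHardening | Format-Table -AutoSize
```

The environment variable is a convenience switch rather than an enforcement boundary; Microsoft's documented way to enforce Constrained Language mode is application control (AppLocker or WDAC), so the third row is the one to trust.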
 
509322

Can you prove that, or is it just your opinion? If you can actually prove that, how do other antivirus solutions fare against it?

Oh nice to know, for just a second I thought that Microsoft was doing some charity work with Windows division.

I don't have to prove anything. There have been published tests - and AV-Comparatives and the rest ain't it. Research it.
 

Andy Ful

From Hard_Configurator Tools
Verified
Honorary Member
Top Poster
Developer
Well-known
Dec 23, 2014
8,040
...
Like someone stated in another place, Microsoft uses Windows 10 Home as an intelligence gathering platform for their Windows Defender ATP network - which is an add-on subscription-only service for their volume license subscribers. All the Windows 10 Home users just don't realize that all that telemetry is being used not for their benefit but Microsoft's profit. Home users are chumps. They've been duped. Microsoft gives them the short end of the stick. And Microsoft makes a ton of money off of them.
I said something like that in one of my posts (and also some other people did), and I still think that is true. :)
 
509322

I said something like that in one of my posts (and also some other people did), and I still think that is true. :)

Yeah, well, watch the Microsoft - Windows Defender fanboyism start. There's nothing like watching the fanboys come out and claim that I'm bashing Microsoft when, in fact, I'm pointing out yet another area of Microsoft exploitation or whatever you want to call it. I bet they won't feel the same when Microsoft starts charging a subscription fee for Windows 10 Home.

It's those that are emotionally attached and emotionally involved with Windows Defender that are blinded and live in denial - and refuse to accept reality for what it is.
 
Nightwalker

Level 24
Verified
Honorary Member
Top Poster
Content Creator
Well-known
May 26, 2014
1,339
I don't have to prove anything. There have been published tests. Research it.

Like AV-Comparatives and AV-TEST tests where Microsoft is doing great? They follow AMTSO testing guidelines too ...
 
509322

Like AV-Comparatives and AV-TEST tests where Microsoft is doing great? They follow AMTSO testing guidelines too ...

AMTSO guidelines are just guidelines by mutual agreement among the members. Those guidelines do not establish a bare minimum quality standard in the same manner as a mandated governing body such as ISO.

And this part in the most recent AV-Comparatives test applies particularly to Microsoft's Windows Defender...

In case you missed it:

"We would like to point out that while some products may sometimes be able to reach 100% protection rates in a test, it does not mean that these products will always protect against all threats on the web. It just means that they were able to block 100% of the widespread malicious samples used in a test."

chart.av-comparatives.org/chart1.php?chart=chart2&year=2018&month=2&sort=0&zoom=3
 

Nightwalker

AMTSO guidelines are just guidelines by mutual agreement among the members. Those guidelines do not establish a bare minimum quality standard in the same manner as a mandated governing body such as ISO.

And this part in the most recent AV-Comparatives test applies particularly to Microsoft's Windows Defender...

It is something obvious that these solutions won't always protect against all threats on the web and this isn't a problem; the average user won't find that zero-day malware anyway, even researchers have problems finding true zero-day malware.

If I am a fanboy you are a hater, simple as that. Your posts sound like Microsoft hasn't done anything to improve Windows Defender (the "new" Windows Defender by your own words) and it isn't true; you talk like it is the old basic signature scanner from GIANT AntiSpyware technology.

Other vendors and companies can get away with aggressive telemetry, false marketing, but if Microsoft uses telemetry it is the end of the world.

About the 60~70% protection of Windows Defender against zero-day malware part, I really don't see much difference compared to other solutions and yet people aren't bashing those products.

PS: I don't use Windows Defender, too heavy for my tastes, but I can't tolerate this free hate against everything that Microsoft does.
 
509322

It is something obvious that these solutions won't always protect against all threats on the web and this isn't a problem; the average user won't find that zero-day malware anyway, even researchers have problems finding true zero-day malware.

If I am a fanboy you are a hater, simple as that. Your posts sound like Microsoft hasn't done anything to improve Windows Defender (the "new" Windows Defender by your own words) and it isn't true; you talk like it is the old basic signature scanner from GIANT AntiSpyware technology.

Other vendors and companies can get away with aggressive telemetry, false marketing, but if Microsoft uses telemetry it is the end of the world.

About the 60~70% protection of Windows Defender against zero-day malware part, I really don't see much difference compared to other solutions and yet people aren't bashing those products.

PS: I don't use Windows Defender, too heavy for my tastes, but I can't tolerate this free hate against everything that Microsoft does.

I'm not a hater. I actually use Windows Defender on all my systems. So stop your false accusations.
 

Andy Ful

Guys, there is no need to argue about Windows Defender. I have been testing it for about 2 years. All mentioned tests can give different results depending on the adopted methodology. Generally, all tests based on the executables downloaded from the Internet will score Defender high, because of SmartScreen. On the contrary, the tests based on script malware samples or based on the samples downloaded in the compressed archives (homemade tests) etc., will score Defender average because the samples are ignored by SmartScreen Application Reputation. (y)
 

Andy Ful

...
PS: I don't use Windows Defender, too heavy for my tastes, but I can't tolerate this free hate against everything that Microsoft does.
Yes, many @Lockdown posts are very critical about Microsoft practices and Defender. But, maybe both of you like to keep some balance. You over the haters, and @Lockdown over the fanboys. :)(y)
 

Nightwalker

Guys, there is no need to argue about Windows Defender. I have been testing it for about 2 years. All mentioned tests can give different results depending on the adopted methodology. Generally, all tests based on the executables downloaded from the Internet will score Defender high, because of SmartScreen. On the contrary, the tests based on script malware samples or based on the samples downloaded in the compressed archives (homemade tests) etc., will score Defender average because the samples are ignored by SmartScreen Application Reputation. (y)

I agree with that, Windows Defender may have average protection against scripts but many other solutions do worse (and some people pay for that!); many solutions don't use AMSI technology and some don't even have any proprietary equivalent.

That said, it is obvious that the new Windows Defender (without sarcastic quotation marks) has evolved a lot since 2015 and it shouldn't be analysed by itself, but along with the security concept and platform that Microsoft is creating (Exploit Guard, SmartScreen, ATP, Cloud, Block at First Sight, etc.).

The average Windows 10 user now by default is much safer than ever and this is a really good thing.
 

Andy Ful

Some day I will make lots of money and then create an AV and that AV will be on top of the list and I will make more money from it. :p
Will you pay also for breaking it? I can wait.:)
 
509322

I agree with that, Windows Defender may have average protection against scripts but many other solutions do worse (and some people pay for that!); many solutions don't use AMSI technology and some don't even have any proprietary equivalent.

That said, it is obvious that the new Windows Defender (without sarcastic quotation marks) has evolved a lot since 2015 and it shouldn't be analysed by itself, but along with the security concept and platform that Microsoft is creating (Exploit Guard, SmartScreen, ATP, Cloud, Block at First Sight, etc.).

The average Windows 10 user now by default is much safer than ever and this is a really good thing.

The improvement in Windows Defender over the past few years is not the issue. Yes, default Windows 10 security is better than it has ever been, but that does not mean that it is sufficient. Whether or not it is sufficient varies with a system's usage and individual computing habits. Like I stated earlier, in the vast majority of cases, if a system is remaining safe with default Windows 10 security, then it is probability and the fact the system is not being exposed to any high risk.

The SmartScreen holes alone are just plain ludicrous. In some parts of the world, those holes result in 90+% of infection routes.

The truth of the matter is that despite Microsoft's big Windows 10 security efforts over the past five years it remains behind the industry and the typical user is better off, for a whole lot of reasons, either installing a 3rd-party security solution or just ditching Windows altogether and using a Chromebook.
 
509322

Actually it affects every vendor that has taken part in these lab tests, not just the recent, but past results too.

It is particularly appropriate to Windows Defender. I actually test it and know how atrocious it actually is. The perception of what Windows 10 Windows Defender is and what it actually is are two different things. But yes, it is true of them all, but not equally true.
 
509322

Guys, there is no need to argue about Windows Defender. I have been testing it for about 2 years. All mentioned tests can give different results depending on the adopted methodology. Generally, all tests based on the executables downloaded from the Internet will score Defender high, because of SmartScreen. On the contrary, the tests based on script malware samples or based on the samples downloaded in the compressed archives (homemade tests) etc., will score Defender average because the samples are ignored by SmartScreen Application Reputation. (y)

100% green bar and 5 stars in the AV test lab results. It must be awesome. Plus it's on the internet. So it must be true. Right?

All that matters to 99.99999% of those that look at AV test lab results is pretty pictures and not knowledge or understanding of the test results.
 

212eta

Level 9
Verified
Well-known
May 11, 2011
444
There is also another Graph from AV-C when it comes to Microsoft Defender.

And things are not that favorable...;)
 