Pros:
- Included with Windows, no need extra installation
- Improving every year with better signatures and new protection modules
- Included Windows smartscreen to protect against zero-day malwares
- Basic exploit protection => can be tweaked directly for better protection
- Included ransomware protection/folder protection which can be configured
- Has no web protection in default settings => no SSL/HTTPS certificate problem
- Basic web protection can be enabled for little bit better protection
- Can be tweaked using Configure-Defender, Group Policy or Powershell for maximum protection => better than 2/3 of 3rd-party AVs
- Very few bugs in default settings especially for average users who never touch its setting menu
- Smartscreen + Syshardener/any scriptblocker can protect a system only downloading files from the internet up to 98%, completely signature-less
- Smartscreen is quite effective against PUPs
- No ads, no popups
Cons:
- Very buggy when users are dealing with malwares or they play around with settings. Bugs can be super irritating and non-resolvable
- Slows down some specific PCs significantly in some tasks: copying, disk-intensive tasks, opening a folder with programs (repeatedly due to a lack of caching) => really high CPU and disk usage, very obvious on PCs with HDD, less with SSD
- Causes high CPU and disk usage during large updates. Time-consuming, too
- Extremely poor signatures before and after tweaking. Tweaks have zero effect on signatures (right-click scan)
- In default settings, cloud feature almost never works, never detect anything, served as a file uploader only => only after tweaking, it detects much much more
- Smartscreen can be bypassed very easily: external drives, archived files, some scripts/documents (malwares are abusing this vector) or any vectors introduce a file without downloading it from the internet
- Tweaks must be done outside the main UI => regular users are not capable
- Sometimes, WD can't remove a detected file even after requested reboot and removal process takes forever although users can simple delete that file in 1 second
- In many occasions, WD reverts some windows settings, most noticeably UAC, after detecting some malwares
- The latest features can only be got when users upgrade to the latest windows versions (like Block at first sign) => Windows updates are proven to break so many working machines => how about Windows 8.1 and older windows 10 users?
- Block at first sign and smartscreen are known to cause many many false positives due to low reputation of the files, which may/may not be whitelisted after a few days
- Some features are working like in beta: ransomware protection, web protection
- Problems with consistency: sometimes, WD randomly doesn't work as expected
- WD is the main target of malware makers and they are adapting (using scripts) and they can disable WD easily using simple registry/powershell tricks
- WD has almost non-existent behavior blocker, in default settings
- People who want to use WD safely must be very cautious because it can be defeated very easily
- WD is a telemetry tool from MS (minor point)
- The strength of WD mostly comes from Windows smartscreen and block at first sign. The rest are not very helpful