Windows Defender - Pro's and Con's
<blockquote data-quote="Evjl&#039;s Rain" data-source="post: 778978" data-attributes="member: 51905">
<p>Pros:</p>
<p>- Included with Windows, no need for extra installation</p>
<p>- Improving every year with better signatures and new protection modules</p>
<p>- Includes Windows SmartScreen to protect against zero-day malware</p>
<p>- Basic exploit protection => can be tweaked directly for better protection</p>
<p>- Includes ransomware protection/folder protection which can be configured</p>
<p>- Has no web protection in default settings => no SSL/HTTPS certificate problem</p>
<p>- Basic web protection can be enabled for a little bit better protection</p>
<p>- Can be tweaked using Configure-Defender, Group Policy or PowerShell for maximum protection => better than 2/3 of 3rd-party AVs</p>
<p>- Very few bugs in default settings, especially for average users who never touch its settings menu</p>
<p>- SmartScreen + Syshardener/any scriptblocker can protect a system only downloading files from the internet up to 98%, completely signature-less</p>
<p>- SmartScreen is quite effective against PUPs</p>
<p>- No ads, no popups</p>
<p></p>
<p>Cons:</p>
<p>- Very buggy when users are dealing with malware or they play around with settings. Bugs can be super irritating and non-resolvable</p>
<p>- Slows down some specific PCs significantly in some tasks: copying, disk-intensive tasks, opening a folder with programs (repeatedly due to a lack of caching) => really high CPU and disk usage, very obvious on PCs with HDD, less with SSD</p>
<p>- Causes high CPU and disk usage during large updates. Time-consuming, too</p>
<p>- Extremely poor signatures before and after tweaking. Tweaks have zero effect on signatures (right-click scan)</p>
<p>- In default settings, the cloud feature almost never works, never detects anything, serves as a file uploader only => only after tweaking, it detects much, much more</p>
<p>- SmartScreen can be bypassed very easily: external drives, archived files, some scripts/documents (malware is abusing this vector) or any vector that introduces a file without downloading it from the internet</p>
<p>- Tweaks must be done outside the main UI => regular users are not capable</p>
<p>- Sometimes, WD can't remove a detected file even after a requested reboot, and the removal process takes forever although users can simply delete that file in 1 second</p>
<p>- On many occasions, WD reverts some Windows settings, most noticeably UAC, after detecting some malware</p>
<p>- The latest features can only be got when users upgrade to the latest Windows versions (like Block at First Sight) => Windows updates are proven to break so many working machines => how about Windows 8.1 and older Windows 10 users?</p>
<p>- Block at First Sight and SmartScreen are known to cause many, many false positives due to low reputation of the files, which may/may not be whitelisted after a few days</p>
<p>- Some features are working like in beta: ransomware protection, web protection</p>
<p>- Problems with consistency: sometimes, WD randomly doesn't work as expected</p>
<p>- WD is the main target of malware makers and they are adapting (using scripts) and they can disable WD easily using simple registry/PowerShell tricks</p>
<p>- WD has an almost non-existent behavior blocker, in default settings</p>
<p>- People who want to use WD safely must be very cautious because it can be defeated very easily</p>
<p>- WD is a telemetry tool from MS (minor point)</p>
<p>- The strength of WD mostly comes from Windows SmartScreen and Block at First Sight. The rest are not very helpful</p>
</blockquote><p></p>