Paid Security verses the free Microsoft Defender on Windows 10

Topic

New Reply

Replace Your Paid Security with the free Microsoft Defender on Windows 10?

This question is for home users: Should you replace a paid seasoned Security Suite (SS) with Microsoft’s Defender?

In recent years free Microsoft Defender has been improving, but…

My current understanding is an SS has more security technologies and is more frequently updated than Defender. Note that SS disables Windows Defender functions upon installation on Windows 10.

Over decades of running a paid SS, we have never had an out of control infection on Windows, as far as we know. Malware is quarantined in real-time upon initial entry when triggered from a bad URL or an email attachment. That’s the only time we see the SS use substantial CPU cycles, processing an attempted infection, a rare event, thank goodness. In addition, we scan imported files with a right click, before opening them, or after unpacking them, just to be sure.

Has Windows Defender with an out of the box, default configuration, really caught up? Is the tide turning?

Example overviews of Windows Security Suites:
https://www.pcmag.com/picks/the-best-security-suites

Example review of this security issue:
https://www.pcmag.com/opinions/get-third-party-av-windows-defender-isnt-enough
Note browser restrictions statement with Defender. In contrast, SS has several browser extensions for Chrome and Firefox.

Windows 10 22H2 desktops & laptops on Dell, HP, ASUS; No servers, no domain.

2 users thanked author for this post.

Sky, Fred

Reply | Quote

Replies

AV Comparatives and AV Test both test Microsoft Defender in addition to a host of other security suites and programs:

https://www.av-comparatives.org/comparison/
https://www.av-test.org/en/antivirus/home-windows/

As you can see, Microsoft Defender isn’t quite as good as the top performing security suites and programs, but it is still pretty good at basic malware detection. As you say, it does lack in features, though, features which may be useful for some users. On the flip side, I’ve heard people (Susan?) say that it’s less likely to interfere with Windows updates, but I can’t say that I’ve personally ever had a major security program cause a problem with Windows updates. It may also be an idea to consider the reliability of the firewall of your chosen suite – I can’t comment on this.

As an aside, you mention that you always scan imported files. This is an excellent thing to do, and it may also be an idea to scan them with Malwarebytes Free too, as that has a reputation for picking up things that more traditional security programs don’t. It’s not a replacement for a proper security program, though.

2 users thanked author for this post.

GDR, windbg

Reply | Quote

oldfry,

I’ve posted several items on this here (do a search). I’ve been using WD as my MAIN AV for years w/o issue. That said I also use MalwareBytes Premium (I have lifetime subscriptions that I’ve had for years) at the same time. Yes, I know they all say not to do this however the results speak for themselves as I’ve NEVER had a malware infection.

IMHO Defender along with a good SPI Router and Safe Computing practices, especially regular Image Backups, and you should be just fine. You will also avoid the CPU tax imposed by the big products like Norton and McAfee to name a few. Not to mention them having their tentacles reaching into the depths of your system causing all kinds of havoc at the worst possible moments.

HTH

May the Forces of good computing be with you!

RG

PowerShell & VBA Rule!
Computer Specs

1 user thanked author for this post.

cmptrgy

Reply | Quote

Considering we don’t trust MS to patch out of the gate, why would we ever trust MS with our security?

4 users thanked author for this post.

windbg, ClearThunder, Alex5723, Fred

Reply | Quote

There are some that in the XP era recommended running as a non admin and without antivirus.  I’d recommend that you make sure the a/v is on the official list as being confirmed/verified to work with the Windows you run by Microsoft themselves and not just by the vendor. I have personally tracked too many times that a/v vendors caused patching side effects.

Especially for business users, Defender is actually a very good option.

Susan Bradley Patch Lady/Prudent patcher

1 user thanked author for this post.

windbg

Reply | Quote

Defender was originally shackled by Microsoft ON PURPOSE. The reason and that scene has changed a lot in the last 8 or so years. Defender has been a good anti virus program since Windows 8 (which is a good OS regardless what some think). I have a computer that came with Windows 8.0 Pro and one that came with Windows 10 Pro. Both have run (and currently run) ONLY Defender. Neither has had any threats.

Reply | Quote

Like RG, I’ve used WD for years as my primary A/V and have had no problems. Since no one A/V will detect everything, monthly I run a scan with Malwarebytes free version and also pick an online free scan from another vendor such as ESET or TrendMicro.

Good computing practices, a solid backup regime, and a solid router are necessities.

--Joe

Reply | Quote

[JohnW]

I use Windows Defender on Win 10 Pro. And  in addition to regular image backups and a good router, I run all downloaded executables through VirusTotal before running them.

I also run on demand scans with Malwarebytes Free and Emsisoft Emergency Kit (free, portable, on-demand scanner). https://www.emsisoft.com/en/home/emergencykit/

PCMag review: https://www.pcmag.com/reviews/emsisoft-emergency-kit-100

Windows 10 Pro 22H2

• This reply was modified 3 years, 6 months ago by JohnW.

1 user thanked author for this post.

windbg

Reply | Quote

windbg wrote:

Example review of this security issue:
https://www.pcmag.com/opinions/get-third-party-av-windows-defender-isnt-enough
Note browser restrictions statement with Defender.

Plus, the software’s SmartScreen malware filter only works for Microsoft browsers.

Microsoft Defender Browser Protection is available as a free extension for Chrome.

1 user thanked author for this post.

windbg

Reply | Quote

I agree with Drifty. If we can’t trust Microsoft to deliver and maintain a stable and secure OS, how can we trust them with the security of our computers?

"War is the remedy our enemies have chosen. And I say let us give them all they want" ----- William T. Sherman

1 user thanked author for this post.

Alex5723

Reply | Quote

If you cannot trust Microsoft security, why use their Operating System?

1 user thanked author for this post.

RetiredGeek

Reply | Quote

Thanks to all for your feedback.

Re: AV Comparatives: What I did notice, Microsoft has the worst performance impact, not sure if significant though.

Re: Firewall: Thankfully, that just works out of the box without any rule modifications. But UI is present to adjust rules, if ever need be.

Re: Patching side effects: We have not seen these. What we do instead is delay Microsoft Update to give any incompatibilities time to shake out and wait for Susan’s ok. When changing Windows 10 versions, we leave the fully updated third-party Security Suite (SS) running.

Re: “Even now Windows is fighting with third party antivirus vendors like Kaspersky”: Before running Windows Update, you need to make sure your SS is up to date. Microsoft can break third party device drivers from any vendor on a regular basis. A good SS has multiple device drivers watching data flows in real-time.

Re: Microsoft’s Stance: https://support.microsoft.com/en-US/windows-antivirus-software-providers
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-compatibility

Re: Running scans: We never run them unless importing files or I suspect something might be wrong but never is. Even the included root kit scanner is a waste of time, but does give some peace of mind. When importing an executable, we can also check the included reputation database for confirmation before running. As long as the SS reports good status in the tray, we are good. We expect the SS to watch program behavior in real-time and immediately trap and contain any infection. So far, that works by watching file system reads/writes, network traffic, and registry updates.

Re: Microsoft Defender Browser extension for Chrome. Thanks for the correction.

Re: The trust issue: Don’t want to change what has been working well for many years.

Since we have Windows Update turned off, except for the monthly update, we can’t run Microsoft Defender Antivirus anyway, because we would miss the timely updates, right?. Instead the SS updates itself whenever it wants and I rarely notice. So unlike Microsoft, they are trusted to update whenever they want.

Having to make registry changes to make the most out of a SS is not what I call user friendly for the typical home customer.

Windows 10 22H2 desktops & laptops on Dell, HP, ASUS; No servers, no domain.

Reply | Quote

windbg wrote:

Re: The trust issue: Don’t want to change what has been working well for many years.

Long experience and familiarity make an excellent base for trust. No need to repair what is not broken. ClearThunder and DrftyDonN expressed a negative opinion of Microsoft systems updates; causing me to reverse their conclusion back to question the OS that underlies every operation of the system.

I believe continuing to use the product you prefer is your best course of action. I only wish to point out that years of no infection with your preferred suite does not suggest that today’s WD would fail under the same conditions going forward.

Reply | Quote