When it comes to antivirus software, Windows Defender is the natural choice. In fact, it’s not so much a choice as just the standard state of things, as it comes pre-packed with Windows 10. (In previous Windows iterations it was known as Microsoft Security Essentials.) It’s, therefore, tempting to just leave it as is and say to yourself that things will probably be fine, right?
But is Windows’ built-in tool enough, or do we still need to rely on the big guns of antivirus software to keep us safe online? Read on for the lowdown.
Note: this analysis is based on tests carried out in December 2018. Results will inevitably vary over time, but we’ll be doing our best to keep on top of them.
How Does Windows Defender Compare?
Talking about Windows Defender in isolation won’t get us anywhere. What we need to know is how it stacks up to the biggest antivirus programs that you’ve probably downloaded or even paid for over the years – the McAfees, AVGs and Bitdefenders of the world.
Thankfully, there are several sites dedicated to comparing antivirus software on a monthly basis.
AV Test helps users make educated decisions about what antivirus they should use. They rank each antivirus on three factors using a scale from 0 to 6, where 6 is the best. The three elements they test for are Protection, Performance, and Usability. So how did Windows Defender fare?
Pretty well, it seems.
In April 2018 Windows Defender scored 5.5 across the three categories, but the tests from December 2018 actually showed an improvement in protection – giving it full marks. That technically gives it the same “Protection” and “Performance” ratings as antivirus giants like Avast, Avira and AVG.
In real terms, according to AV Test, Windows Defender currently offers 99.6% protection against zero-day malware attacks. Out of 1.5 million samples, Defender detected seven legitimate bits of software as malware in November, which was a little worse than the industry average of five.
So Windows Defender is certainly capable of mixing it up with the big boys, which may come as a surprise to those who knew of it several years ago as a somewhat rudimentary solution.
It’s hardly representative to look at just one website, though, as AV Tests’ means of testing and criteria will differ slightly from another. On that note, another popular website for antivirus testing is AV Comparatives. Can Windows Defender carry its impressive form over to this site?
Looking at the real-world protection tests, the results are again pretty good. AV Comparatives carried out its tests using a mix of malicious URLs, drive-by downloads, and URLs redirecting users to malware. Windows Defender had a 0% compromise rate, which was better than the 0.5% rate with Avast and AVG, and up there with the flawless scores of Avira, Bitdefender and McAfee.
Compared with previous years, Windows Defender has drastically improved in blocking “user-dependent” malware – so malware where Windows gives a warning to the user but still gives the option of executing it. In April 2018 the rate of user-dependent malware was 3.6%. In July through November 2018 this dropped down to an average of 0.8%
Where Windows Defender has slipped quite badly is in detecting false positives, where it now has by far the highest rate of all the major antivirus software out there. It clocked 106 false positives from July through November 2018 – more than double that of the second-worst AV in this regard.
These two trends could be correlated, with an increase in false positives and a much better blocking of user-dependent malware being the result of tighter security measures through Windows Defender. Of course, other software shows that you can score well in both these categories, so that’s the next thing Microsoft should be aiming for – cutting down false positives while maintaining high security.
Much Better than It Used to Be
Small hiccups aside, historical data on both AV Test and AV Comparatives shows a marked improvement in Windows Defender’s performance over the years.
Back in October 2015, Windows Defender received the joint-lowest rating for Protection (3.5/6), amounting to just 95% protection against 0-day malware attacks. (This was an alarming 80.5% in September 2015.) The industry average at the time was 97.2%, so Windows Defender was decidedly trailing the pack.
At AV Comparatives, meanwhile, Windows Defender had a 3% compromise rate from July through November 2016. That has been almost directly replaced by the possibility of “user-dependent” security compromises in 2018, which still isn’t perfect but a huge improvement.
The Verdict: A Sturdy Defence
Just a few years ago you’d have been laughed off for suggesting that it was enough for you to sit back, install no third-party AV software, and let Windows take care of defending your PC. While we wouldn’t encourage complacency, Windows Defender is now well-proven as a viable antivirus option unto itself.
However, if you want to err on the side of caution, there would be no harm in adding an extra layer of protection over Windows Defender, just to eliminate the minute possibility that something could sneak through the net.
But do you need to worry if all you have is Windows Defender? No, not any more. However, the malware landscape is always shifting, and we’ll keep an eye out for developments that suggest otherwise.
This article was first published in February 2017 and was updated in February 2019.