Microsoft Defender Antivirus doesn’t get much security respect, but it’s been around for a long time. First released as Windows Defender in 2006, then rebranded as Microsoft Defender, it’s been included in every version of Windows since Vista, and is now just one of a set of built-in free security tools.
There’s on-demand and real-time malware protection, for instance. Automatic detection and blocking of known malicious URLs and files. A simple firewall. And some very sophisticated low-level exploit protection which makes it far more difficult for malware to attack your system.
- Want to try Microsoft Defender? Check out the website here
Microsoft’s parental controls are smarter than they used to be, too, with features including content filtering for Microsoft Edge, the ability to control how much time your kids can spend on their devices, and the ability to monitor all your family’s devices from one place.
Can you really rely on Microsoft Defender Antivirus alone, though? Let’s see.
One of the major benefits of Microsoft Defender Antivirus is it comes built-in with Windows, no installation required, no hassles, very little chance that it’ll conflict with anything else: it just works.
One great advantage of this simplicity is most users never to see Defender’s interface, beyond the occasional alert. Sensible default settings protect you out of the box, automatic scanning on download and execution keeps you safe from most threats, and idle and scheduled scans aim to detect everything else.
If you do want to take a look, though, type Windows in the Search box, choose Windows Security and browse what’s on offer.
As with many other security apps, the main dashboard displays your security status, while a sidebar gives you access to various functions: antivirus, account protection (how you log in), firewall and network protection, malicious URL and app blocking, parental controls and more.
This isn’t always intuitive. While many antivirus apps have a Scan button on the dashboard, for instance, Defender’s are two clicks away at the bottom of the Scan Options panel.
Despite these initial hassles, it doesn’t take long to figure out where everything is, and on balance Microsoft Defender Antivirus isn’t difficult to use.
Microsoft Defender has the full range of scanning options, and more: a quick scan, a full system scan, a custom scan to check the files and folders you need, even a boot scan which runs before Windows fully loads, to remove the most stubborn threats.
Quick scans took around a minute on our test PC, but we couldn’t get a consistent time for other scans. Defender focuses more on reducing its system impact than ramping up scan times. But does this work? It’s unclear.
AV-Comparative’s October 2021 Performance Test says no, placing Microsoft Defender a distant last place in a field of 17.
AV-Test’s Windows tests have highlighted speed issues in the past, but they’ve mostly disappeared, and Defender now typically scores a best-possible 6/6 for speed in most AV-Test reports.
Protection is what really matters with any antivirus. Microsoft Defender has had mixed results from the independent labs in the past, but it’s improved over the past few years, and now outperforms many commercial competitors.
AV-Comparatives’ July-October 2021 Real-World Protection Test placed Microsoft equal eighth (with Bitdefender and VIPRE) out of 17, for instance, with a protection rating of 99.7%. Okay, that’s not leading-edge – Trend Micro, Panda and Norton all blocked 100% of threats – but we can’t really complain about an antivirus which ‘only’ does as well as Bitdefender (especially when it’s free.)
AV-Test’s Windows Consumer reports awarded Defender a maximum 6/6 points for protection, speed and usability in all but one of its tests over the past year (it dropped to 5.5/6 for one Usability score.) Only Avast and Norton scored higher.
SE-Labs’ July-September 2021 Home Anti-Malware Protection report tells a similar story, with Microsoft Defender ranked second out of nine on its Total Accuracy rating.
Our own tests showed capable file detection, but little in the way of behavior monitoring.
For example, one group of tests involves using trusted Windows apps to download malicious files, a common scripting trick. Bitdefender and Kaspersky realized there was a problem purely from the behavior, and killed the process before it could download the file. Microsoft Defender accepted the behavior, allowed the download, and only raised the alarm when it realized the file was malicious. It still protected us, this time, but perhaps wouldn’t have done if the threat were brand new.
We pitted Microsoft Defender against our custom ransomware, but it missed that, too, allowing it to encrypt thousands of test files.
Fortunately, Defender has a second layer of protection in its Controlled Folders feature (Security Center > Virus & Threat Protection > Manage Ransomware Protection.) Turn this on and it automatically blocks unauthorized apps from accessing key document folders (Documents, Pictures, Videos, Music, more) and you can easily add more.
We turned Controlled Folders on, added our test folder to the list, and ran the ransomware simulator again. This time, Defender displayed an alert when our ransomware tried to access the folder, and it wasn’t able to encrypt any documents.
This isn’t exactly sophisticated. Controlled Folders simply blocks everything it doesn’t recognize, and previously we’ve found some legitimate programs refused to run until we manually added them to an Exceptions list.
Avast’s Ransomware Shield is smarter, more like a firewall; when it detects an unauthorized access to a folder, it alerts you, but also asks if the process is legitimate. Confirm it, Ransomware Shield adds the app to your Exceptions list itself and there’s nothing else to do.
Controlled Folders could be better, then, but it did its core job, keeping us safe from a threat that the antivirus engine missed.
We’re not going to discuss it in depth here, but Windows’ OneDrive integration helps a little, too. The standard 5GB of free online storage space isn’t a lot, but it’s free, it’s 5GB more than you’ll get with most security apps, and it could help you protect your most important data from attack.
Windows security doesn’t stop with antivirus, and there are several other features to explore.
Top of the list is probably the firewall. This does a fair job of protecting you from incoming network attacks, but it’s less interested in controlling outbound access; if an app is able to run as an administrator, it’s able to customize the firewall by adding its own rules.
Defender’s reputation-based SmartScreen protection allows it to block access to malicious websites, files and apps. Its URL filtering is consistently less accurate than the competition in our tests, and, worse, it only works with Microsoft Edge. SmartScreen’s file and download checks work system-wide, though, and they’re a useful extra layer of protection.
Windows has a bunch of extremely low-level exploit and device security features, largely focused on how the operating system handles memory. They’re important, but they’re best left alone, even by expert users – playing with CFG, DEP, ASLR and Memory Integrity settings can in some situations break your PC to the point that it won’t even boot.
Finally, there’s the Family Options page, a collection of parental controls features.
The good: you get quite a few options, including the ability to filter websites by content, control when your kids can use their devices and which apps they can buy, then get regular activity reports on what they’ve been doing.
The bad: these are mostly very basic, and the Windows browser options are Edge-only. Bypassing them is as easy as downloading Chrome.
You can install a free Microsoft Family Safety app on Android and iOS, to help control screen time, web and app use across other platforms. It only covers the very basics, but it’s still a welcome addition to the package, and if you’re looking for parental controls then it’s worth checking out.
Microsoft Defender isn’t as feature-packed as the top antivirus competition, but it’s more accurate than some big-name commercial products, and is much less likely to cause issues with your other applications. If simplicity (or price) is top of your priority list, it’s a reasonable choice.
We’ve also highlighted the best antivirus