Microsoft Defender vs. Antivirus: What’s Best for 2020?
It’s silent. You always have it on your PC, if you use Windows. You usually don’t notice it’s activity. And not, we’re not talking about the malware of some sort. Now the person of attention is Microsoft Defender – the proprietary anti-malware software, which has a lot of different responses. Some say, that Microsoft Defender is completely useless, and can’t provide the protection for your PC. And some say that it is one of the best antiviruses that have ever been made. Let’s try Microsoft Defender, compare it with popular antiviruses, and figure it out.
History of the Microsoft Defender
Microsoft Defender was first introduced in 2006 as Windows Defender, which supported actual at that time Windows XP and Server 2003. It was distributed by Microsoft as freeware, separately from Windows, but later it has been built-in.
Because Windows Defender was based on the GIANT AntiSpyware program, the major specialization of this antivirus was spyware. Spyware is a type of malware, which target is collecting your data – passwords, credit card info, chats, et cetera. That’s why Windows Defender was quite bad for any other malware detection, despite mentioned.
Replacing with Microsoft Security Essentials
After Windows 7 release, in the fall of 2009, Microsoft presented much better, proper, one may say, antivirus tool for their system. They called it Microsoft Security Essentials. The antivirus industry showed a quite mixed reaction to the new product. McAfee, Symantec, and Kaspersky showed a complete indifference, considering that Microsoft product is non-competitive against their products. And some software vendors saw a big potential of the new player. Immediately after it’s release, Microsoft Security Essentials secured the AV-TEST certification, showing perfect results and an ability to deal with all actual (at that point) malware.
But through a timeline, MSE efficiency was inexorably falling. In June 2013, it failed the AV-TEST, scoring zero in the protection test. Accordingly, it lost its anti-malware certificate. Nonetheless, Microsoft continued to develop MSE, simultaneously with Windows Defender, which appeared again in Windows 8 as a built-in anti-malware solution. Later, in Windows 10 2004 Update, it was renamed to Microsoft Defender.
Since 2012, when Windows Defender appeared in a new shape, it got mainly qualitative improvements. Since MSE had big troubles with protection and repairing – 2 of 3 criteria at AV-TEST, Microsoft focused on this parameter improvement. The virus definition base and abilities of system recovery after malware attacks were improved significantly. In April 2015, AV-TEST rated Windows Defender with an average score of 4.5 points of 6 and certified it. That was a significant success, but a few people noticed it. By that time, antivirus of Microsoft has got ill fame.
But does Microsoft Defender is so bad? Nowadays, it has the same results of AV-TEST as the top-line AV-software does – Kaspersky, McAfee, Norton, etc. But that’s not a guarantee that Microsoft Defender really can be competitive with AV-industry headliners. The only way to find it out is to compare it with the mentioned antiviruses, and not in the synthetic test, but real life.
So, what can it do?
In my daily PC activities, I use Norton 360. That’s instead a habit than a well-grounded choice because I’ve started using a PC with Windows XP and Norton 360 onboard, and no better collaboration could be found at that time (2003). And to understand if Microsoft Defender really can substitute a “proper”, well-known antivirus, I’ve disabled Norton 360 and used MS Defender instead of it for two weeks. I think this timeframe is enough to check out all pros and cons of the Defender and to make an objective conclusion.
The first impressions are the most lasting. And the user’s interface of any product is an enormously important thing, especially for proprietary software. In such cases, users always have an alternative, so the spoiled first impression can force the user to find another solution. And not only the user’s interface is important – distribution model and advertising are also playing a significant role. I think a lot of people can remember an obtrusive McAfee distribution in the pack with some software (Flash Player was the most popular). After such advertising, I was sick of any McAfee mention.
Why did I write that? Microsoft Defender has neither advertising nor distribution model – it’s already inside if you use Windows 8/8.1/10. And I have detected no obtrusion on its part – after installation of other anti-malware software, Microsoft Defender turns into sleeping mode. The only thing I can found fault with is that Windows forces you to set Defender up after the installation, and the denial will lead in repeatable notifications about “unprotected PC”. If the user has denied setting it up, maybe, he/she has other plans, huh?
Interface and usability
The interface of Microsoft Defender is quite user-friendly at first sight: all main functions are placed in the single menu, named “Security at a glance”. The functions – virus & threat protection, account protection, firewall & network protection and app & browser control – are placed there.
Such interface now is likely a standard for AV-sector headliners – Kaspersky, Comodo and my favourite Norton, so here is nothing new. But the next important milestone – scan menu with its settings – is not so easy to find. Not like it hard to find it, but you can’t see it from the start.
Another issue of the Microsoft Defender’s interface is persistent alerts about disabled backup creation tool and Windows Hello function. The peculiarity is that they offered the backup tool is OneDrive, which has bizarre behavior. The creation process starts without any notification, and on weak systems, it can cause freezes out of the blue. Another “not bug but feature” of OneDrive backups is that an old one will be overwritten with a new so that some data can be lost, or you would be lost an ability to fix some issues using a more former backup. And Microsoft Defender will busily offer you to set the OneDrive backups up, “for file recovery options in case of ransomware attack”©.
Till I was using Norton 360 as my basic anti-malware software, I thought that Microsoft Defender has only basic functions, and cannot be compared with any “proper” antivirus software. To tell the truth, I have never opened the Defender before these two weeks. And the proprietary anti-malware software surprised me because it has the same general functionality as AV-sector headliners do. Microsoft Defender can perform all usual types of scans, real-time protection, system repairing, and browser control. You can also set up a firewall for public, private, or domain network. By the way, it also has a “fresh start” button, which allows you to reinstall your Windows in one click. Of course, such function is available only because Microsoft Defender is an integral part of Windows.
But it’s close relations with Windows also creates a problem. Microsoft Defender is completely “immobilized”: you are not able to create its portable version on the USB drive, then carry it to your parent’s/girlfriend’s PC to scan or clean it.
One of the most important criteria for any antivirus software is its ability to counteract different malware attacks. As mentioned, the predecessor of Microsoft Defender, Microsoft Security Essentials, had lost its AV-Test certification and wasn’t able to restore it for a long time. But the modern AV-Test results of Microsoft Defender were rated as 5.5 of 6 for it’s protection. For comparison, Norton 360, Kaspersky, Avira and BullGuard got 6/6; McAfee has a comparable to MS Defender result of 5.5 points. Fortunately (or unfortunately), I could not check if the provided security is so good. But, anyway, I think I can clearly say that Microsoft Defender showed that he could protect your PC well; one may say, MS Defender is as good as Kaspersky, Norton, and others.
Of course, nothing is ideal. Microsoft Defender has one silly feature, that was annoying me through time. Every day I use an utility, which has been created by our programmer. It is programmed on Java, and the first time I tried to launch it, Defender blocked it as a “potentially unwanted”. I’ve added it to the whitelist, but after the first threat detection engine update, it stuck that utility, again. Such sclerosis is not very critical, but quite annoying, primarily if you use a lot of similar services every day.
And the most critical problem, that can call into question the efficiency of Microsoft Defender is it’s real-time protection “feature”. Defender can perform a really efficient real-time protection only if your PC is connected to the Internet. The mechanism of MS Defender supposes that it can use definition databases not only installed on your PC but also contained on Microsoft servers. Hence, the PC safety can be under danger every time your PC is offline. Of course, the majority of threats get to the PC from the Internet, so the Defender will be able to counteract. But what about the already downloaded viruses that had not been detected by the Defender immediately after downloading, and were launched by the user after getting offline?
At the beginning of this paragraph, I need to make two important remarks :
- All features of the Microsoft Defender are possible only because it is a part of the Windows. Earlier, some of these functions were as a separate menu in the Settings.
- There are no features that are similar to any other anti-malware software, and you couldn’t find anything like the Defender’s features at any other antivirus programs.
The main and, maybe, the most useful feature is Account protection. In the Microsoft Defender, you can set up your Microsoft account protection, Windows Hello (a proprietary mechanism of sign-in options setup), and the Dynamic Lock.
The first function allows you to use a cloud synchronization, cloud storage, device management, and all other actions that could be done using Microsoft account. That’s quite a useful feature for someone who is using Microsoft ecosystem, but that’s no real reason for me (and for the majority of users) to use this stuff.
Windows Hello is much more useful. Here you can set up a sign-in option – using face or fingerprint recognition (if your desktop/laptop has necessary accessories), PIN-code, password, or picture (!). The hardest method (in both senses) – the security key, a separate device that can be used as a physical key to log in your system or to launch designated apps. And the third feature is offered as a part of Windows Hello. The Dynamic Lock allows you to lock your PC/laptop if the selected device loses the Bluetooth connection with your machine.
Another significant feature is the Family Options. It is very similar to Parental Control for iOS – you add your children’s account to the “family”, and then control their screen time, purchases and track their activity. It’s useful, but, again, not for me.
Let’s sum it up
I thought it would be worse. Much worse and inefficient, with a lot of proprietary trash inside. However, I was surprised by quite good performance, absence of really critical bugs or “features”, and excellent functionality. Will I change my Norton 360 for the Microsoft Defender? No. And not because I’ve paid for an annual license for Norton. Microsoft Defender is something like reserve airfield, or, maybe, a solution for the students or older adults who don’t want to spend a lot of time and money, choosing an anti-malware program or setting it for their purposes. As a “free” solution that antivirus software is good, with its unique features.
Microsoft Defender must become more flexible, get some significant updates for its offline capabilities, and fix some little, but annoying bugs. Nonetheless, I can surely say that nowadays, Microsoft Defender is an equal opponent for the Kaspersky, Avira, Norton 360, McAfee, and other well-known anti-malware software.