Microsoft Defender vs. Antivirus: What’s Best for 2023?
It’s silent. You always have it on your PC if you use Windows. You usually don’t notice its activity. And not, we’re not talking about the malware of some sort. Now the person of attention is Microsoft Defender – the proprietary anti-malware software, which has a lot of different responses. Some say that Microsoft Defender is completely useless and can’t provide protection for your PC. And some say that it is one of the best antiviruses ever made. Let’s try Microsoft Defender, compare it with popular antiviruses, and figure it out.
History of the Microsoft Defender
Microsoft Defender was first introduced in 2006 as Windows Defender, which supported actual at that time Windows XP and Server 2003. It was distributed by Microsoft as freeware, separately from Windows, but later it was built-in.
Because Windows Defender was based on the GIANT AntiSpyware program, the primary specialization of this antivirus was spyware. Spyware is malware that targets collecting your data – passwords, credit card info, chats, et cetera. That’s why Windows Defender was quite bad for any other malware detection, despite what was mentioned.
Replacing with Microsoft Security Essentials
After the Windows 7 release, in the fall of 2009, Microsoft presented a much better, proper, one may say, antivirus tool for their system. They called it Microsoft Security Essentials. The antivirus industry showed a quite mixed reaction to the new product. McAfee, Symantec, and Kaspersky showed complete indifference, considering that Microsoft’s product is non-competitive against their products. And some software vendors saw a big potential in the new player. Immediately after its release, Microsoft Security Essentials secured the AV-TEST certification, showing perfect results and an ability to deal with all actual (at that point) malware.
But through a timeline, MSE efficiency was inexorably falling. In June 2013, it failed the AV-TEST, scoring zero in the protection test. Accordingly, it lost its anti-malware certificate. Nonetheless, Microsoft continued to develop MSE simultaneously with Windows Defender, which appeared again in Windows 8 as a built-in anti-malware solution. Later, in Windows 10 2004 Update, it was renamed Microsoft Defender.
Since 2012, when Windows Defender appeared in a new shape, it got mainly qualitative improvements. Since MSE had big troubles with protection and repairing – 2 of 3 criteria at AV-TEST, Microsoft focused on this parameter improvement. The virus definition base and system recovery abilities after malware attacks improved significantly. In April 2015, AV-TEST rated Windows Defender with an average score of 4.5 points out of 6 and certified it. That was a significant success, but a few people noticed it. By that time, the antivirus of Microsoft has gained ill fame.
But does Microsoft Defender is so bad? Nowadays, it has the same results of AV-TEST as the top-line AV software does – Kaspersky, McAfee, Norton, etc. But that’s not a guarantee that Microsoft Defender can be competitive with AV industry headliners. The only way to find it out is to compare it with the mentioned antiviruses, not in the synthetic test but real life.
So, what can it do?
In my daily PC activities, I use Norton 360. That’s instead a habit than a well-grounded choice because I’ve started using a PC with Windows XP and Norton 360 onboard, and no better collaboration could be found at that time (2003). And to understand if Microsoft Defender really can substitute a “proper”, well-known antivirus, I’ve disabled Norton 360 and used MS Defender instead of it for two weeks. I think this timeframe is enough to check out all pros and cons of the Defender and to make an objective conclusion.
The first impressions are the most lasting. And the user interface of any product is an enormously important thing, especially for proprietary software. In such cases, users always have an alternative, so a bad first impression can force the user to find another solution. And not only the user’s interface is important – distribution model and advertising are also play a significant role. I think a lot of people can remember an obtrusive McAfee distribution in the pack with some software (Flash Player was the most popular). After such advertising, I was sick of any McAfee mention.
Why did I write that? Microsoft Defender has neither an advertising nor distribution model – it’s already inside if you use Windows 8/8.1/10. And I have detected no obtrusion on its part – after installation of other anti-malware software, Microsoft Defender turns into sleeping mode. I can find fault with the only thing that Windows forces you to set Defender up after the installation. The denial will lead to repeatable notifications about “unprotected PC”. If the user has denied setting it up, maybe, they have other plans, huh?
Interface and usability
The interface of Microsoft Defender is quite user-friendly at first sight: all main functions are placed in the single menu, named “Security at a glance”. The functions – virus & threat protection, account protection, firewall & network protection, and app & browser control – are placed there.
Such interface now is likely a standard for AV-sector headliners – Kaspersky, Comodo and my favorite Norton, so here is nothing new. But the next important milestone – scan menu with its settings – is not so easy to find. Not like it’s hard to find it, but you can’t see it from the start.
Another issue of the Microsoft Defender’s interface is persistent alerts about disabled backup creation tools and the Windows Hello function. The peculiarity is that they offered the backup tool, OneDrive, which has bizarre behavior. The creation process starts without any notification, and on weak systems, it can cause freezes out of the blue. Another “not bug but feature” of OneDrive backups is that an old one will be overwritten with a new one so that some data can be lost, or you would be lost the ability to fix some issues using a more former backup. And Microsoft Defender will busily offer you to set the OneDrive backups up “for file recovery options in case of ransomware attack”©.
Till I was using Norton 360 as my basic anti-malware software, I thought that Microsoft Defender had only basic functions and could not be compared with any “proper” antivirus software. I have never opened the Defender before these two weeks. And the proprietary anti-malware software surprised me because it has the same general functionality as AV-sector headliners do. Microsoft Defender can perform all usual scans, real-time protection, system repair, and browser control. You can also set up a firewall for public, private, or domain networks. It also has a “fresh start” button, which allows you to reinstall your Windows in one click. Of course, such a function is available only because Microsoft Defender is an integral part of Windows.
But its close relations with Windows also creates a problem. Microsoft Defender is completely “immobilized”: you cannot create its portable version on the USB drive and then carry it to your parent’s/girlfriend’s PC to scan or clean it.
One of the most important criteria for any antivirus software is its ability to counteract different malware attacks. As mentioned, the predecessor of Microsoft Defender, Microsoft Security Essentials, had lost its AV-Test certification and couldn’t restore it for a long time. But the modern AV-Test results of Microsoft Defender were rated as 5.5 of 6 for its protection. For comparison, Norton 360, Kaspersky, Avira, and BullGuard got 6/6; McAfee has a comparable MS Defender result of 5.5 points. Fortunately (or unfortunately), I could not check if the provided security is so good. But, anyway, I think I can clearly say that Microsoft Defender showed that he could protect your PC well; one may say, MS Defender is as good as Kaspersky, Norton, and others.
Of course, nothing is ideal. Microsoft Defender has one silly feature that was annoying me over time. Every day I use a utility that our programmer has created. It is programmed on Java, and the first time I tried to launch it, Defender blocked it as “potentially unwanted”. I’ve added it to the allowlist, but it stuck that utility again after the first threat detection engine update. Such sclerosis is not very critical but quite annoying, primarily if you use a lot of similar services every day.
, the most critical problem that can call into question the efficiency of Microsoft Defender is its real-time protection “feature”. The defender can perform a really efficient real-time protection only if your PC is connected to the Internet. The mechanism of MS Defender supposes that it can use definition databases installed on your PC and contained on Microsoft servers. Hence, PC safety can be in danger whenever your PC is offline. Of course, most threats get to the PC from the Internet, so the Defender will be able to counteract them. But what about the already downloaded viruses that the Defender had not detected immediately after downloading and was launched by the user after getting offline?
At the beginning of this paragraph, I need to make two important remarks :
- All features of the Microsoft Defender are possible only because it is a part of Windows. Earlier, some of these functions were as a separate menu in Settings.
- There are no features similar to any other anti-malware software, and you couldn’t find anything like Defender’s features in any other antivirus programs.
The main and, maybe, the most useful feature is Account protection. In the Microsoft Defender, you can set up your Microsoft account protection, Windows Hello (a proprietary mechanism of sign-in options setup), and the Dynamic Lock.
The first function allows you to use cloud synchronization, cloud storage, device management, and all other actions that could be done using a Microsoft account. That’s quite a useful feature for someone using the Microsoft ecosystem, but that’s no real reason for me (and most users) to use this stuff.
Windows Hello is much more useful. Here you can set up a sign-in option – using face or fingerprint recognition (if your desktop/laptop has necessary accessories), PIN code, password, or picture (!). The hardest method (in both senses) – is the security key, a separate device that can be used as a physical key to log in to your system or launch designated apps. And the third feature is offered as a part of Windows Hello. The Dynamic Lock allows you to lock your PC/laptop if the selected device loses the Bluetooth connection with your machine.
Another significant feature is the Family Options. It is very similar to Parental Control for iOS – you add your children’s account to the “family”, and then control their screen time, and purchases, and track their activity. It’s useful, but, again, not for me.
Let’s sum it up
I thought it would be worse. Much worse and inefficient, with a lot of proprietary trash inside. However, I was surprised by the good performance, the absence of critical bugs or “features”, and the excellent functionality. Will I change my Norton 360 for the Microsoft Defender? No. And not because I’ve paid for an annual license for Norton. Microsoft Defender is something like a reserve airfield or a solution for students or older adults who don’t want to spend a lot of time and money choosing an anti-malware program or setting it for their purposes. As a “free” solution, antivirus software is good, with its unique features.
Microsoft Defender must become more flexible, get some significant updates for its offline capabilities, and fix some little but annoying bugs. Nonetheless, I can say that nowadays, Microsoft Defender is an equal opponent to Kaspersky, Avira, Norton 360, McAfee, and other well-known anti-malware software.