[UPDATE] Is Windows Defender Enough Security?
Windows Defender Security Center (“Defender” for short) is the latest name for the built-in suite of anti-malware and security features in Windows 10. Historically, Defender and its antecedents have been mediocre offerings. So mediocre, in fact, that multiple test labs rated it dead last in effectiveness. But recently, Microsoft has focused on making Defender a comprehensive, safe, and free choice for all your security needs. Let’s see how close it has come... |
Will Windows Defender Defend You?
Windows Defender started life as an anti-spyware tool for Windows XP, Vista and Windows 7. It then morphed into Microsoft Security Essentials, which was billed as a full-blown antivirus program. It morphed again with the arrival of Windows 8 and 10, and was once again called Windows Defender. In October, 2013, I wrote an article titled Microsoft Security Essentials: EPIC FAIL, describing the poor performance of that tool, compared to third-party alternatives.
Microsoft's answer for this was that MSE was a “baseline” upon which third-party developers were expected to improve. So two years later, I published Has Microsoft Security Essentials Improved?, and the answer was NO.
But with Defender’s latest incarnation (part of the Windows 10 Fall Creators Update released in October 2017) things may have finally changed for the better. We do not have performance tests from independent labs like AV-TEST or AV-Comparatives yet. Those labs may be working on their next round of reports right now. But AV-Comparatives published a note on the Fall Creators Update version of Defender, noting some encouraging advances.
Exploit Guard, an extra layer of protection against exploitation of vulnerabilities, used to be available only in Enterprise editions of Win 10. Now it’s in the consumer versions, too, and it is enabled by default.
Exploit Guard includes four kinds of protection. Exploit protection is applied to operating system processes and to third-party apps. Attack Surface Reduction techniques minimize hacks via malware that exploits vulnerabilities in MS Office, Javascript and other scripting languages, and email-based malware. Network protection extends the SmartScreen real-time online protection in the MS Edge browser to your Win 10 network, even if you are not running Edge. Controlled Folder Access helps protect key system and data files from being altered by malware or encrypted by ransomware.
To see the nitty-gritty of Exploit Guard, type “Windows Defender” in the search box and open Windows Defender Security Center from the results. Then click on “app and browser control.” Scroll down to the “Exploit protection settings” link and click it. Do not turn off any of the features shown unless you understand what they are and have a good reason to disable them.
Oddly, one interesting new feature of Exploit Guard is turned off by default. “Controlled folder access” protects your files and folders against unauthorized alterations, such as the addition of malicious scripts to documents, or encryption by ransomware. I recommend enabling it; here’s how:
Open Defender, click on the icon labeled “Virus and threat protection,” then click on the link labeled “Virus and threat protection settings.” Scroll down to “Controlled folder access” and move the slider control to the “on” position. While you’re there, you can click the link labeled “Protected folders” to see exactly that. You can add a folder to be protected, too. Back up one page, return to “Controlled folder access,” and you will find another link to “Allow an app through Controlled folder access,” in case you ever need to give a new app permission to access files in a controlled folder.
Similar security features are part of the paid versions of several third-party security suites. Windows 10 now throws them in free of charge. The jury is still out on exactly how well they work, but Defender (at least in Windows 10) has definitely moved a long way in the right direction.
Are you using only the built-in Windows Defender with Windows 10? What has been your experience with it? Your thoughts on this topic are welcome. Post your comment or question below...
This article was posted by Bob Rankin on 5 Jan 2018
For Fun: Buy Bob a Snickers. |
Prev Article: Tech Winners and Losers 2017 |
The Top Twenty |
Next Article: [README] Before You Buy A Hard Drive |
There's more reader feedback... See all 24 comments for this article.
Post your Comments, Questions or Suggestions
Free Tech Support -- Ask Bob Rankin Subscribe to AskBobRankin Updates: Free Newsletter Copyright © 2005 - Bob Rankin - All Rights Reserved About Us Privacy Policy RSS/XML |
Article information: AskBobRankin -- [UPDATE] Is Windows Defender Enough Security? (Posted: 5 Jan 2018)
Source: https://askbobrankin.com/update_is_windows_defender_enough_security.html
Copyright © 2005 - Bob Rankin - All Rights Reserved
Most recent comments on "[UPDATE] Is Windows Defender Enough Security?"
(See all 24 comments for this article.)Posted by:
Lee
05 Jan 2018
TGreer: Quote: "Users need to understand that NO PRODUCT can protect you 100%, and that THEY need to accept the responsibility of watching what they click!"
You and I and everyone in the IT industry have been preaching user responsibility for decades. Although you and I are in complete agreement, sad to say, it'll never happen. Ignorance and user apathy are rampant, always have been, always will be. Want to talk about data backup, security updates, and application updates? Same song, second,third, and fourth chorus. Those folks are also our ticket to continued employment. The 'side benefit (?)' is, for us, early burn-out. Hope you and yours have a great 2018! Hang in there. ---- Lee
Posted by:
Steven Bohne
05 Jan 2018
I have windows 10 pro version and I do NOT have an option regarding folders. Is it because I am running Bitware as my main VP?
Posted by:
Robert Sutter
05 Jan 2018
I tried to turn on the folders option which brings up User control and when you click yes to accept it turns back off folder protection.
Posted by:
Rob
05 Jan 2018
Along with the Defender,I use Sophos Home Protection. Its free and no ads or popups. It's been great.
Posted by:
Mark H.
05 Jan 2018
Been using Defender only for a couple of years now. Once in a while I would scan with Malwarebytes Free.
Decided to go with paid Malwarebytes just for the scans. Other than usual PUPS, have had no problem.
Posted by:
bb
05 Jan 2018
I use Windows Defender on all my machines and lover the fact that Microsoft updates and program installations work without issues. Third party AV programs often cause problems, and especially a challenge for the Windows 10 "Feature Updates."
“Controlled folder access” is off by default because it breaks many programs - common accepted programs suddenly can't read or write to the protected programs. This should be expected as the 'Whitelist' of programs that are allowed is short. One can add blocked programs to the whitelist but it takes lots of clicks to do so.
Microsoft should have added an option to add a program to the Whitelist when a program is blocked, but they didn't - maybe because the user would be so tired of getting programs blocked that they would just click 'ok' without thinking. And then the Ransomeware would do its business.
There's no easy answer. It would also be helpful to be able to see (and edit) the whitelist, but that's not available either. Maybe later.
Posted by:
Mike
05 Jan 2018
I tried to turn on Controlled Folder Access, but several of my apps no longer worked or could no longer be updated. There is an "add or remove exclusions", but I was having trouble figuring out how to add the exclusions. I would turn Controlled Folder Access back on, but I need to find some tutorials on what and how to exclude for these apps.
Posted by:
Jim Horn
05 Jan 2018
Have had good results with Defender in my WIN10.
would like to include Guard if no cost, but how, where to download.
Posted by:
MmeMoxie
06 Jan 2018
I'm with Phillip Reeves - MS has fooled me way to many times, to trust it now. I like using the MS program, but simply do not trust MS for any security measures - I don't even use Microsoft Edge. One time I was a complete user of Microsoft's operating system and all of its bells and whistles, but that was about 20 years ago. In fact Win 95B was the OS that I learned how to use MS and how to repair MS! }:O)
Today, I have good security coverage with Bitdefender Total Security software and Malwarebytes Premium software! I have an excellent Firewall with my Wifi Router, which is a Pace router that used to be 2Wire Routers.
I have been an AT&T Internet DSL customer, since March of 2000 - That is 17 years of good solid Firewall protection. Yes, I have gotten some viruses but it honestly has been a "coon's age." My AV software programs have been doing an excellent job of protection. My Firewall is hardware as part of my Wifi router - Not software and that truly makes a big difference.
In the beginning I hated Windows 10, after the first BIG update in November 2015, I again download Windows 10 for about the 7 time and it finally, worked like it was suppose to work!!! I have finally gotten use to Windows 10 and feel very comfortable using the OS, just like an "old pair of slippers."
Posted by:
Brad
06 Jan 2018
So far (knock on wood) I've had no problems. I have McAfee as my anti virus and firewall. Windows defender is set for periodic scanning and I haven't notice any slow downs.
Posted by:
marge201
06 Jan 2018
I have Windows Defender on my W7 Pro desktop. Who knew! It tells me, "This program is turned off. If you are using another program that checks for harmful or unwanted software, use the Action Center to check that program's status. If you would like to use this program, click here."
I use malwarebytes and Microsoft Security Essentials which I check for updates most nights and update several times a week. Computer runs good. Do I need Windows Defender?
Posted by:
Gillian
06 Jan 2018
I have a new laptop that came with Windows 10 - which I finally beat into submission so I could actually do something useful with it - and I am running the free version of Bitdefender.
I followed Bob's instructions and found that all the sliders under Virus & threat protection are set to Off and greyed out - I can't turn any of the options on. Perhaps this is because Bitdefender has taken over these functions from Windows Defender?
Posted by:
ardj
06 Jan 2018
Thanks very much,Bob: have passed on the exploit protection implementation to my W10 users. One thought occurs to me - is it as intrusive as EMET, for instance - are they going to find themselves having to authorize things all the time ?
I agree with Philip Reeves and TGreer.
Posted by:
Andy
06 Jan 2018
I have used WD and before that MSE for years without problems. I also run Malwarebytes Free daily. They are both unobtrusive. I haven't had any viruses reported for ages and PUPs very rarely. AdblockPlus and tracking protection in Firefox also help.
Vigilance in opening links and downloads is probably the most important action to take.
I wasn't aware of Controlled Folder Access until now and have just switched it on. Thanks Bob.
Posted by:
Henry
06 Jan 2018
Re: WinDefender - Installing an "outside" A/V program on a Windows Machine seems like someone buying a Cadillac and then taking it to a Ford dealer to have additional parts put on it. It make sense to me that if the people who write the A/V program eat at the same cafeteria as the people who write the system software, there will be a natural flow of ideas in the same direction. Apparently I'm not seeing that correctly. But one question: Defender automatically turns off when an "outside" A/V program is installed: how are you guys defeating that protective function?
Posted by:
Peter O
06 Jan 2018
Ordinary folks just want to get on with what they are doing.
That means simple OS's, simple apps & simple to set & forget AV SW.
As the above comments indicate this world provides nothing like that environment.
The obvious flaws remaining in WD are clear testimony to that.
MS can only be regarded as disreputable but there is not much we can do to force change.
I still have unwanted pop ups with Avira & many other intruders & don't always have the time to track down their elimination.
Example: en softonic.com
Posted by:
Ernie
06 Jan 2018
Security essentials, real time protection will not "turn on" on my win 7 PC. No explanation, just a window that says can't be turned on. Remedy? I have malwarebytes premium.
Posted by:
marge201
06 Jan 2018
This is to follow up what I wrote yesterday about using MSE but, taking Bob's advice, I see I also have WD on my W7 Pro desktop. Well, today in reading an article about W10, It mentioned WD as an important tool to use. The screenshot in the article looked soooo familiar. Ha! It's the exact screen shot of MSE! So whatever WD is on my machine, I guess I just don't need it.
Posted by:
RandiO
06 Jan 2018
Regarding Microsoft patch for the latest CPU flaws (Meltdown/Spectre), here is a partial quote that may convice some to stick with Defender:
"Kevin Beaumont created a constantly updated online spreadsheet listing AV software compatibilities with the Windows patches. As of this writing, Beaumont says, Kaspersky, ESET, Avast, Symantec/Norton, F-Secure and, of course, Windows Defender work with the updates. Sophos, Trend Micro, McAfee, Bitdefender and Webroot don't as of yet (https://arstechnica.com/gadgets/2018/01/meltdown-and-spectre-heres-what-intel-apple-microsoft-others-are-doing-about-it/?comments=1)
Posted by:
RandiO
06 Jan 2018
Extract part#2:
...During testing, Microsoft found that some anti-virus software tries to do undocumented, unsupported things with kernel memory, and these things break when dual page tables are used...
Kaspersky AV, anyone????