Study: Microsoft Defender Too Reliant on Internet
A new study suggests Microsoft Defender's effectiveness varies dramatically on the setting. It's one of the best for online-based threats, but among the worst performers for offline-based threats.
The study is from AV Comparatives, which runs regular tests on more than a dozen leading cyber security tools. (Source: av-comparatives.org)
The results for Microsoft Defender are particular noteworthy for two reasons. First, it's the default, built-in tool for modern versions of Windows, meaning hundreds of millions of people use it. Second, it's often argued that Defender does a good enough job that the average user can rely on it rather than bother with a third-party solution.
The tests involved scans with the computer both connected to the Internet and offline. AV Comparatives argues that's important as some security software doesn't work as well when it can't reach remote servers for analysis and details on the latest threats.
They also looked at both whether the software could detect security threats and whether the system would be protected by stopping malware causing any harm.
False Alarms An Issue
For the online detection, Windows Defender picked up 98.1 percent of threats, beaten only by Avast, AVG, McAfee and Norton Lifelock. When it came to protection, Microsoft scored 99.99 percent, with Avast, AVG, G Data and McAfee the only tools to get a perfect score.
With the offline detection, Microsoft only picked up 69.8 percent of threats, beating only two other tools. Most of the rivals scored 90 percent of more.
The study also looked at false alarms across all the tests. Microsoft scored 19, with only three other tools being more likely to find a false positive. Avira, ESET and Kaspersky all had a perfect record in this category. (Source: techspot.com)Flaky Connections Could Mean Trouble
How important the offline scanning is may be a debatable point in the broadband age, with many users constantly connected to the Internet whenever their device is on.
Microsoft Defender appears to be particularly reliant on using an Internet connection, for example to remotely retrieve data about threats or to send details of suspicious files off for "cloud-based" analysis. That could mean it uses less resources on the computer itself.
How important the reliance on the Internet connection is will vary between different users and situations. AV Comparatives says security software that needs a connection to offer its full protection should alert users when their Internet connection has dropped out.
What's Your Opinion?
Do you use Microsoft Defender or other security tools? Does the reduced performance for offline scanning matter to you? How reliable is your internet connection and had you considered it could affect threat detection?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 20 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.
Comments
"Windows Defender picked up
"Windows Defender picked up 98.1 percent of threats, beaten only by Avast, AVG, McAfee and Norton Lifelock. When it came to protection, Microsoft scored 99.99 percent, with Avast, AVG, G Data and McAfee the only tools to get a perfect score."
So basically the worst there is!!!!!!!!!!!!!!!