Windows Defender has evolved from a spyware product to a relatively good malware defense product. Naturally, a commercial AV vendor recently tried to take Windows Defender to task. They claimed in their testing that Windows Defender allowed 16 percent of malware to infect a Windows 8 PC. According to Henry, signature-based AV is obsolete, so he took a quick look at the AV Comparatives testing on AV for heuristic detection, which goes well beyond traditional signature-based AV, and found several commercial product vendors that fell well below the effectiveness of Windows Defender. In fact, 13 out of 17 products tested only equaled or were below the protections for heuristic detection of Windows Defender. Even when adding behavioral protection into the mix, Windows Defender still beat the performance of four of the 17 well-established commercial products tested. For a new offering right out of the gate, Windows Defender is sure to raise the bar in AV product offerings.
With that being said, though, Henry says that you really need to look at the bigger picture – even a solution that affords the capability to block 99 percent of malware is still not an effective solution in an environment where we are seeing 75,000 new malicious programs every day and a database of known unique instances of malware that has now exceeded 90,000,000 malware instances. Do the math. Even with 99 percent effectiveness, 750 pieces of malware (one percent of 75,000) will get through undetected every day and you are still potentially exposed from the 900,000 unique instance of malware (one percent of 90,000,000).
Bottom line: Windows Defender, as a free product from Microsoft, is poised to offer better protection than many commercial AV products, but it shouldn’t be your only defense.