In 2020, is Windows Defender good enough to protect vs malware?

In 2020, is Windows Defender enough?

  • Yes, Windows Defender is good enough for most people

    Votes: 23 85.2%
  • No, other security software should also be used

    Votes: 4 14.8%
  • Don't know or it depends on the situation

    Votes: 0 0.0%

  • Total voters
    27

biggles

https://thewirecutter.com/blog/best-antivirus/

Summary: most users should not use free or premium 3rd party antivirus software. Malwarebytes free is a good option if you want added protection or if you think there is a greater risk of malicious software for your use case.

Just wondering if folks here agree with the article above. It is a pretty big change from where we were 5-10 years ago. I have had negative experiences with Norton and McAfee; it was when PC builders pre-installed the software on the purchased machines. Performance and interference with other legit programs like Nvidia GeForce Experience. I have also used AVG, Avast, Bitdefender, and Panda and they seemed to work okay.
 
I have used only Windows Defender for a very long time. I definitely haven't used anything else since Windows 10 was released. But I wasn't using anything for a bit on Windows 7 towards the end (never used 8). Unless you do stupid stuff, I think it is plenty.
 
I have only used Windows Defender for a long while now. The last times I researched it Windows Defender was on the top of the list for detection.

That being said before Windows Defender was a thing I used to not run an anti-virus. As someone who has a very good understanding of what not to click on I do not have any issues. The real question is if a user who does not know what they are doing is safe with only Windows Defender. I'd like to think yes but I'm not about to test that myself. So to answer your question, yes it's probably fine for most people.
 
Ever since Windows Defender added Antivirus scanning with Windows 8 I have only used that.

And just for something fun, LTT recently did a performance regression analysis of Defender vs Norton and McAfee

 
I'm still also using Spybot.
It always finds things but I'm not sure what it's finding is a real problem.

Are people using spyware as well anymore?
 
Windows Defender + Free OpenDNS account + Ublock Origin .. I can't remember the last time I've gotten infected with anything ...
 
Ever since Windows Defender added Antivirus scanning with Windows 8 I have only used that.

And just for something fun, LTT recently did a performance regression analysis of Defender vs Norton and McAfee


And if running Windows Defender or Norton or whatever slows down your system by a few seconds here and there, just consider the time you will waste having to clean out a bad infection, or worse, doing a wipe and reload. And that doesn't consider the risk of financial loss if someone steals your bank account credentials.

If the performance hit bothers you, then do a script to start up all applications on a schedule, like when you are having breakfast or lunch.
 
I fix a lot of domestic machines for a living. Before Windows 10 arrived I was doing 3-4 virus cleans/rebuilds a week.

Now? Maybe one every 2-3 months, if that. I still scan machines I get in and bar a few bits of adware they are clean.

So yes MS Defender is fine.

All of them get Unchecky installed though and that keeps the crap down massively. If you look at a lot of the 'vulnerabilities' in the tech press nowadays you would have to go to silly levels of agility and access to actually run them.
 
Windows Defender is not so bad because there are worse free solutions, and at the moment I use only it, but when I fix my free storage space problem I will go back to the free ZoneAlarm Firewall+Antivirus. It works well and gives easy control over what happens in the system, and it is way better as a free solution that is not hungry for system resources.

But that is personal because there are some tricky things with VPNs and with adding other networks.
 
Windows Defender + PiHole DNS Filtering + OpenDNS forwarding + Ublock Origin and a good NGFW at your perimeter stops so much nonsense for a home user. I can't imagine requiring much else at home for a normal user.

For a corporate environment a lot more controls and tools/agents are necessary because of the implications and revenue loss (along with company image); extra tools are basically required when you have compromised endpoints. There are ways of isolating endpoints with network and security architecture, but you still need visibility on the machine for your SOC and automation.
 
Windows Defender + PiHole DNS Filtering + OpenDNS forwarding + Ublock Origin and a good NGFW at your perimeter stops so much nonsense for a home user. I can't imagine requiring much else at home for a normal user.

For a corporate environment a lot more controls and tools/agents are necessary because of the implications and revenue loss (along with company image); extra tools are basically required when you have compromised endpoints. There are ways of isolating endpoints with network and security architecture, but you still need visibility on the machine for your SOC and automation.
What do the following terms mean?
PiHOle DNS Filtering
Open DNS forwarding
Ublock Origin
NGFW
 
Pi-hole is a DNS server that you run at home. You add blocklists to it that are community provided that blackhole domains at a DNS level. So basically, advertising, telemetry and other advertisement and device tracking domains are blocked when devices on your network request name resolution.

What is DNS? https://www.cloudflare.com/learning/dns/what-is-dns/

Then my Pi-hole DNS server uses OpenDNS as its forwarder, which is a highly reliable DNS server on the internet. This is where DNS requests forward to for stuff that isn't blocked by the Pi-hole. OpenDNS has built-in blocklists for malicious domains.
Basically: When my computer requests domains such as trackingdomain.microsoft.com my Pi-hole gets the first request and will black hole the DNS request so my device never sends or receives content from that domain. If it's a real domain like google.com, my Pi-hole forwards on the request to OpenDNS where I get the real IP address of Google.com.

uBlock Origin is a browser extension that blocks advertising and scripting elements that potentially come through.

NGFW is an acronym for a Next Generation Firewall. It encompasses (at a minimum) application layer visibility and control, URL filtering, anti-virus, and IPS engines onto a single hardware appliance along with a whole array of additional features (depending on vendor you go with).
Disclaimer: Antivirus and Anti-Malware is not very effective on your firewall if you aren't decrypting SSL/TLS traffic. Most malware is hidden in encrypted tunnels.

https://pi-hole.net/
https://www.opendns.com/home-internet-security/
https://en.wikipedia.org/wiki/Next-generation_firewall
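
The lookup path described in the post above (local blocklist first, then a filtering forwarder), sketched as an added example that is not part of the original post and is not Pi-hole or OpenDNS code. The blocklist entries, the upstream threat list, the addresses and the sinkhole answer from the forwarder are all constructed assumptions.

```python
# Added illustration: two-tier DNS filtering (local sinkhole, then a
# filtering forwarder). All domains, lists and addresses are constructed.

LOCAL_BLOCKLIST = """\
# hosts-format list, the way community blocklists are commonly published
0.0.0.0 trackingdomain.microsoft.com
0.0.0.0 ads.example.net   # inline comment
telemetry.example.org
"""

# Stand-in for the upstream forwarder: its own threat list plus real answers.
UPSTREAM_THREAT_LIST = {"malware-c2.example.com"}
UPSTREAM_RECORDS = {"google.com": "198.51.100.10",
                    "malware-c2.example.com": "203.0.113.66"}
SINKHOLE = "0.0.0.0"


def normalize(name):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return name.strip().rstrip(".").lower()


def parse_blocklist(text):
    """Accept 'IP domain' hosts lines and bare-domain lines; skip comments."""
    blocked = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            blocked.add(normalize(line.split()[-1]))
    return blocked


def upstream_resolve(name):
    """Simulated forwarder: sinkholes names on its threat list (assumption)."""
    if name in UPSTREAM_THREAT_LIST:
        return ("blocked-upstream", SINKHOLE)
    if name in UPSTREAM_RECORDS:
        return ("forwarded", UPSTREAM_RECORDS[name])
    return ("nxdomain", None)


def resolve(qname, local_blocked):
    """Local list is checked first; only unblocked names leave the network.
    Matching is exact, so a subdomain of a listed name is not covered."""
    name = normalize(qname)
    if name in local_blocked:
        return ("blocked-local", SINKHOLE)
    return upstream_resolve(name)


BLOCKED = parse_blocklist(LOCAL_BLOCKLIST)
```

Because the match is exact in this sketch, `cdn.ads.example.net` passes the local check even though `ads.example.net` is listed, which is why blocklist coverage should be checked against the names clients actually query.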
 
What do the following terms mean?
PiHOle DNS Filtering
Open DNS forwarding
Ublock Origin
NGFW
You can sign up for a free OpenDNS account if you want to utilize their content blocking features + white/blacklist options.
 
Windows Defender + Free OpenDNS account + Ublock Origin .. I can't remember the last time I've gotten infected with anything ...

Then again, how would you know if nothing you use can detect the infection? :p

Hypothetical here, not disparaging Windows Defender, I simply do not know.

As I recall, when Windows Defender first launched it was limited in capability. Then they introduced AV scanning and it leapt to the head of the crowd, then after that for many years Microsoft neglected it, and it slipped and using another AV suite was recommended, but I think Defender is more highly regarded again.

I just don't know.

In general, if you stay up to date on patches and don't do risky things (like install questionable software from non-major publishers or browsing questionable sites, or clicking email attachments or links) the risks are pretty low. Things have improved a lot since the bad old days of XP and earlier.

That said, one thing people don't realize is that most major security problems are not with the Windows operating system itself, but rather with the software installed in Windows. Adobe is a major culprit with lots of people using ancient versions of the PDF Reader or Flash (thank God Flash is going away soon) but there are others too.

Make sure you keep ALL of your installed software up to date, not just the OS patches.
 
As I recall, when Windows Defender first launched it was limited in capability. Then they introduced AV scanning and it leapt to the head of the crowd, then after that for many years Microsoft neglected it, and it slipped and using another AV suite was recommended, but I think Defender is more highly regarded again.
Really the only reason to not use it in smaller networks (SOHO) is to satisfy the 'multi-vendor' paradigm to security. For enterprises you wind up not using it on endpoints because you want something that can do all of that out to the critical boundary devices, which then are almost certainly not running Microsoft solutions.
 
Then again, how would you know if nothing you use can detect the infection? :p

Hypothetical here, not disparaging Windows Defender, I simply do not know.

As I recall, when Windows Defender first launched it was limited in capability. Then they introduced AV scanning and it leapt to the head of the crowd, then after that for many years Microsoft neglected it, and it slipped and using another AV suite was recommended, but I think Defender is more highly regarded again.

I just don't know.

In general, if you stay up to date on patches and don't do risky things (like install questionable software from non-major publishers or browsing questionable sites, or clicking email attachments or links) the risks are pretty low. Things have improved a lot since the bad old days of XP and earlier.

That said, one thing people don't realize is that most major security problems are not with the Windows operating system itself, but rather with the software installed in Windows. Adobe is a major culprit with lots of people using ancient versions of the PDF Reader or Flash (thank God Flash is going away soon) but there are others too.

Make sure you keep ALL of your installed software up to date, not just the OS patches.
Oh, I use other 3rd party programs for scanning once in a great while and never find anything except some PUPs every now and then on my wife's PC. Windows Defender got its roots from Giant Anti-Malware back in the day, which I used until Microsoft bought them out, and then continued to use Microsoft Security Essentials and now Windows Defender.
 