In 2020, is Windows Defender good enough to protect vs malware?

In 2020, is Windows Defender enough?

  • Yes, Windows Defender is good enough for most people

    Votes: 22 84.6%
  • No, other security software should also be used

    Votes: 4 15.4%
  • Don't know or it depends on the situation

    Votes: 0 0.0%

  • Total voters
    26

biggles

[H]ard|Gawd
Joined
Jul 25, 2005
Messages
1,950
https://thewirecutter.com/blog/best-antivirus/

Summary: most users should not use free or premium 3rd party antivirus software. Malwarebytes free a good option if you want added protection or if you think there is a greater risk of malicious software for your use case.

Just wondering if folks here agree with the article above. It is a pretty big change from where we were 5-10 years ago. I have had negative experiences with Norton and McAfee, it was when PC builders pre-installed the software on the purchased machines. Performance and interference with other legit programs like Nvidia Geforce Experience. I have also used AVG, Avast, Bitdefender, and Panda and they seemed to work okay.
 

warhol76

n00b
Joined
Jan 1, 2013
Messages
57
I have used only windows defender for a very long time. I definitely haven't used anything else; since windows 10 was released. But, I wasn' using anything for a bit on windows 7 towards the end (never used 8). Unless you do stupid stuff, I think it is plenty.
 

Cypher-

[H]ard|Gawd
Joined
Dec 5, 2007
Messages
1,131
I have only used Windows Defender for a long while now. The last times I researched it Windows Defender was on the top of the list for detection.

That being said before Windows Defender was a thing I used to not run an anti-virus. As someone who has a very good understanding of what not to click on I do not have any issues. The real question is if a user who does not know what they are doing is safe with only Windows Defender. I'd like to think yes but I'm not about to test that myself. So to answer your question, yes it's probably fine for most people.
 

bigdogchris

Fully [H]
Joined
Feb 19, 2008
Messages
18,135
Ever since Windows Defender added Antivirus scanning with Windows 8 I have only used that.

And just for something fun, LTT recently did a performance regression analysis of Defender vs Norton and McAfee

 

dhodson66

n00b
Joined
Nov 26, 2016
Messages
39
I’m still also using spybot
It alwAys finds things but I’m not sure what it’s finding is a real problem

are people using spyware as well anymore?
 

UltraTaco

Limp Gawd
Joined
Feb 21, 2020
Messages
446
I think internet is fairly safe these days. That being said, my pc is not connected to internet. I only use phone for my web needs.
 

ThreeDee

[H]F Junkie
Joined
Sep 5, 2001
Messages
10,800
Windows Defender + Free OpenDNS account + Ublock Origin .. I can't remember the last time I've gotten infected with anything ...
 

x509

2[H]4U
Joined
Sep 20, 2009
Messages
2,087
Ever since Windows Defender added Antivirus scanning with Windows 8 I have only used that.

And just for something fun, LTT recently did a performance regression analysis of Defender vs Norton and McAfee

And if running Windows Defender or Norton or whatever slows down your system by a few seconds here and there, just consider the time you will waste having to clean out a bad infection, or worse, doing a wipe and reload. And that doesn't consider the risk of financial loss if someone steals your bank account credentials.

if the performance hit bothers you, then do a script to start up all applications on a schedule, like when you are having breakfast or lunch.
 

daglesj

Supreme [H]ardness
Joined
May 7, 2005
Messages
5,219
I fix a lot of domestic machines for a living. Before Windows 10 arrived I was doing 3-4 virus cleans/rebuilds a week.

Now? Maybe one every 2-3 months, if that. I still scan machines I get in and bar a few bits of adware they are clean.

So yes MS Defender is fine.

All of them get Unchecky installed though and that keeps the crap down massively. If you look at a lot of the 'vulnerabilities' in the tech press nowadays you would have to go to silly levels of agility and access to actually run them.
 

AVATARAT

n00b
Joined
Jun 16, 2020
Messages
22
The windows defender is not so bad because there is more bad free solutions, and in moment I use only it but when I fix my free space storage problem I will back to free ZoneAlarm Firewall+Antivirus. It work well and give easy control to what happen in the system and is way better for free solution which one is not hungry for system resources.

But that is personal because there is some tricky things with VPNs and to add other networks.
 

Cmustang87

Supreme [H]ardness
Joined
Oct 4, 2007
Messages
4,442
Windows Defender + PiHole DNS Filtering + OpenDNS forwarding + Ublock Origin and a good NGFW at your perimeter stops so much nonsense for a home user. I can't imagine requiring much else at home for a normal user.

For a corporate environment a lot more controls and tools/agents are necessary because the implications and revenue loss (along with company image) extra tools are basically required when you have compromised endpoints. There's ways of isolating endpoints with network and security architecture, but you still need visibility on the machine for your SOC and automation.
 

biggles

[H]ard|Gawd
Joined
Jul 25, 2005
Messages
1,950
Windows Defender + PiHole DNS Filtering + OpenDNS forwarding + Ublock Origin and a good NGFW at your perimeter stops so much nonsense for a home user. I can't imagine requiring much else at home for a normal user.

For a corporate environment a lot more controls and tools/agents are necessary because the implications and revenue loss (along with company image) extra tools are basically required when you have compromised endpoints. There's ways of isolating endpoints with network and security architecture, but you still need visibility on the machine for your SOC and automation.
What do the following terms mean?
PiHOle DNS Filtering
Open DNS forwarding
Ublock Origin
NGFW
 

Cmustang87

Supreme [H]ardness
Joined
Oct 4, 2007
Messages
4,442
Pi-hole is a DNS server that you run at home. You add blocklists to it that are community provided that blackhole domains at a DNS level. So basically, advertising, telemetry and other advertisement and device tracking domains are blocked when devices on your network request name resolution.

What is DNS? https://www.cloudflare.com/learning/dns/what-is-dns/

Then my pi-hole DNS server uses Open DNS as its forwarder which is a highly reliable DNS server on the internet. This is where DNS requests forward to for stuff that isn't blocked by the pi-hole. OpeDNS has built in blocklists for malicious domains.
Basically: When my computer requests domains such as trackingdomain.microsoft.com my Pi-hole gets the first request and will black hole the DNS request so my device never sends or receives content from that domain. If it's a real domain like google.com, my Pi-hole forwards on the request to OpenDNS where I get the real IP address of Google.com

uBlock Origin is a browser extension that blocks advertising and scripting elements that potentially come through.

NGFW is an acronym for a Next Generation Firewall. It encompasses (at a minimum) application layer visibility and control, URL filtering, anti-virus, and IPS engines onto a single hardware appliance along with a whole array of additional features (depending on vendor you go with).
Disclaimer: Antivirus and Anti-Malware is not very effective on your firewall if you aren't decrypting SSL/TLS traffic. Most malware is hidden in encrypted tunnels.

https://pi-hole.net/
https://www.opendns.com/home-internet-security/
https://en.wikipedia.org/wiki/Next-generation_firewall
 
Last edited:

Zarathustra[H]

Fully [H]
Joined
Oct 29, 2000
Messages
30,272
Windows Defender + Free OpenDNS account + Ublock Origin .. I can't remember the last time I've gotten infected with anything ...
Then again, how would you know if nothing you use can detect the infection? :p

Hypothetical here, not disparaging Windows Defender, I simply do not know.

As I recall when Windows Defender first launched it was limited in capability. Then they introduced AV scanning at it lept to the head of the crowd, then after that for many years Microsoft neglected it, and it slipped and using another AV suite was recommended, but I think Defender is more highly regarded again.

I just don't know.

In general, if you stay up to date on patches and don't do risky things (like install questionable software from non-major publishers or browsing questionable sites, or clicking email attachments or links) the risks are pretty low. Things have improved a lot since the bad old days of XP and earlier.

That said, one thing people don't realize is that most major security problems are not with the Windows operating system itself, but rather with the software installed in Windows. Adobe is a major culprit with lots of people using ancient versions of the pdf Reader or flash (thank God Flash is going away soon) but there are others too.

Make sure you keep ALL of your installed software up to date, not just the OS patches.
 
Last edited:

IdiotInCharge

[H]F Junkie
Joined
Jun 13, 2003
Messages
14,245
As I recall when Windows Defender first launched it was limited in capability. Then they introduced AV scanning at it kept to the head of the crowd, then after that for many years Microsoft neglected it, and it slipped and using another AV suite was recommended, but I think Defender is more highly regarded again.
Really the only reason to not use it in smaller networks (SOHO) is to satisfy the 'multi-vendor' paradigm to security. For enterprises you wind up not using it on endpoints because you want something that can do all of that out to the critical boundary devices, which then are almost certainly not running Microsoft solutions.
 

ThreeDee

[H]F Junkie
Joined
Sep 5, 2001
Messages
10,800
Then again, how would you know if nothing you use can detect the infection? :p

Hypothetical here, not disparaging Windows Defender, I simply do not know.

As I recall when Windows Defender first launched it was limited in capability. Then they introduced AV scanning at it lept to the head of the crowd, then after that for many years Microsoft neglected it, and it slipped and using another AV suite was recommended, but I think Defender is more highly regarded again.

I just don't know.

In general, if you stay up to date on patches and don't do risky things (like install questionable software from non-major publishers or browsing questionable sites, or clicking email attachments or links) the risks are pretty low. Things have improved a lot since the bad old days of XP and earlier.

That said, one thing people don't realize is that most major security problems are not with the Windows operating system itself, but rather with the software installed in Windows. Adobe is a major culprit with lots of people using ancient versions of the pdf Reader or flash (thank God Flash is going away soon) but there are others too.

Make sure you keep ALL of your installed software up to date, not just the OS patches.
oh I use other 3rd party programs for scanning once in a great while and never find anything except some pup's every now and then on my wife's PC.. Windows Defender got it's roots from Giant Anti-Malware back in the day... of which I used until Microsoft bought them out and then continued to use Microsoft Security Essentials and now Windows Defender.
 
Top