Is Windows Defender sufficient?

Discussion in 'Networking & Security' started by c3k, Aug 14, 2018.

  1. c3k

    c3k [H]ard|Gawd

    Messages:
    1,779
    Joined:
    Sep 8, 2007
    Folks,

    I've always used a 3rd party antivirus/security suite. Running W10 on the home computers, I'm now reading more and more that simply using Windows Defender is sufficient.

    I'm reasonably smart about the websites I visit, but I can't guarantee that the rest of the family does the same.

    Is Windows Defender good protection?

    Thanks,

    Ken
     
  2. Zepher

    Zepher [H]ipster Replacement

    Messages:
    16,368
    Joined:
    Sep 29, 2001
    No.
    My dad is currently trying to remove a virus he got last night. I hooked up his system drive to my machine earlier and located all the infected files and deleted them since ESET couldn't clean the files.
    But the virus propagated to his other hard drives so now he is working on that.
     
    c3k likes this.
  3. antok86

    antok86 [H]ardness Supreme

    Messages:
    7,894
    Joined:
    Feb 26, 2006
    I use Windows Defender, Malwarebytes Premium, and the uBlock plugin in my Chrome browser along with common sense web browsing. Zero issues. I do this on my PC and my family's.
     
    The Mad Atheist likes this.
  4. SvenBent

    SvenBent 2[H]4U

    Messages:
    2,221
    Joined:
    Sep 13, 2008
    I don't even use Windows Defender.

    I scan with Malwarebytes Free and Dr.Web CureIt now and then. I hate background scanners.

    I do enable the XD bit for all software
    and use plugins in the browser like NoScript to prevent infection.
     
  5. Cmustang87

    Cmustang87 [H]ardness Supreme

    Messages:
    4,282
    Joined:
    Oct 4, 2007
    A bad user will always manage to get malware/virus on any system no matter the levels of protection you put in place. With that said, are there better platforms than built-in Windows Defender? Sure. Is it worth it? Sometimes, it just depends on the user.

    A smart user that implements common sense and skepticism on the Internet is generally perfectly fine with a blocker such as uBlock w/ Windows Defender.

    Quantitatively, Windows Defender is "sufficient" in the sense that it does what it needs to protect most home users which we consider "not a dumb dumb".
     
    Last edited: Aug 17, 2018
  6. HammerSandwich

    HammerSandwich [H]ard|Gawd

    Messages:
    1,073
    Joined:
    Nov 18, 2004
    WinDef has 2 excellent properties: it never expires & never asks for money. These are hugely valuable for clueless users, because they need 1 rule: if you see a security alert that mentions $, it's a scam.
     
    Brian_B, The Mad Atheist and c3k like this.
  7. ThreeDee

    ThreeDee [H]ardForum Junkie

    Messages:
    10,564
    Joined:
    Sep 5, 2001
    uBlock Origin plugin for all browsers used, crypto mining blocker, free OpenDNS account with category blocks in place for EdgeRouter DNS settings with Windows Defender .. Cybereason RansomFree on all boxes .. Malwarebytes free, Adwarecleaner for occasional manual scans .. I can't remember the last time I've had an infection of any kind between wife, daughter and myself with our 3 computers and laptop
     
    x509 likes this.
  8. Neapolitan6th

    Neapolitan6th Gawd

    Messages:
    715
    Joined:
    Nov 18, 2016
    Thanks y'all, a helpful read!
     
  9. DrLobotomy

    DrLobotomy [H]ardness Supreme

    Messages:
    5,954
    Joined:
    May 19, 2016
    Shoutout for ClamWin for all you cheapskates like me.
     
  10. H2R2P2

    H2R2P2 Limp Gawd

    Messages:
    329
    Joined:
    Jun 18, 2006
    I already know I am going to be in the minority here, but is Windows Defender enough for anti-virus? If we are talking Windows 10... In a word.... "yes".

    Windows Defender also has an integrated offline scanner where it reboots itself from a different partition (in order to have your OS partition completely offline), downloads all the definitions and scans/cleans. Doing one of these offline scans is really the best way to get rid of the real nasty stuff.
     
    c3k likes this.
  11. mnewxcv

    mnewxcv [H]ardness Supreme

    Messages:
    6,001
    Joined:
    Mar 4, 2007
    I run Windows defender only. The software I download comes from legit sources, and the only websites I actively visit are hardforum and pornhub.
     
    c3k likes this.
  12. LostInRehab

    LostInRehab Limp Gawd

    Messages:
    428
    Joined:
    Mar 1, 2007
    So what AV or suite would you suggest?
     
  13. Zepher

    Zepher [H]ipster Replacement

    Messages:
    16,368
    Joined:
    Sep 29, 2001
    I use ESET NOD32 on my 2 main systems.
     
  14. KazeoHin

    KazeoHin [H]ardness Supreme

    Messages:
    7,452
    Joined:
    Sep 7, 2011
    The best antivirus is between your ears.
     
  15. MikeTrike

    MikeTrike [H]ardness Supreme

    Messages:
    7,978
    Joined:
    Nov 16, 2005
    Technically yes, but technically no for average users, because they'll almost always find a way to f*** s*** up...

    Layers like an onion. DNS, local AV/AM, UTM (firewall/router) is also a plus, non-admin account, etc...
     
    dvsman, IdiotInCharge and Mr. Baz like this.
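
The layers MikeTrike lists above (DNS, local AV, host firewall, non-admin account) can be checked on one Windows 10 machine with built-in cmdlets. This is an added example, not code from any poster in the thread; the function names `New-Check` and `Get-HomeLayerAudit` and the 3-day signature threshold are assumptions chosen for illustration, and the router/UTM layer is out of its reach.

```powershell
# Added example: read-only audit of the layers named in this thread.
# Assumes Windows 10 / PowerShell 5.1 with the built-in Defender, NetSecurity,
# DnsClient and LocalAccounts modules. Function names are illustrative.
function New-Check($Layer, $Ok, $Detail) {
    [pscustomobject]@{ Layer = $Layer; Ok = [bool]$Ok; Detail = $Detail }
}

function Get-HomeLayerAudit {
    param(
        # Assumption: signatures older than this many days count as stale.
        [int]$MaxSignatureAgeDays = 3
    )

    # Local AV: Defender steps aside when a third-party AV registers itself,
    # so "disabled" here is a prompt to check what replaced it.
    try {
        $mp = Get-MpComputerStatus -ErrorAction Stop
        New-Check 'Defender real-time protection' $mp.RealTimeProtectionEnabled "AntivirusEnabled=$($mp.AntivirusEnabled)"
        New-Check 'Defender signature age' ($mp.AntivirusSignatureAge -le $MaxSignatureAgeDays) "$($mp.AntivirusSignatureAge) day(s) old"
    } catch {
        New-Check 'Defender' $false "status unavailable: $($_.Exception.Message)"
    }

    # Host firewall: every profile (Domain, Private, Public) should be on.
    foreach ($p in Get-NetFirewallProfile) {
        New-Check "Firewall ($($p.Name))" ($p.Enabled -eq 'True') "Enabled=$($p.Enabled)"
    }

    # DNS: lists the resolvers in use; whether they belong to a filtering
    # service (OpenDNS, Neustar, ...) is for the reader to confirm.
    $dns = @(Get-DnsClientServerAddress -AddressFamily IPv4 |
             ForEach-Object { $_.ServerAddresses } | Sort-Object -Unique)
    New-Check 'DNS resolvers configured' ($dns.Count -gt 0) ($dns -join ', ')

    # Account: direct membership of the local Administrators group (S-1-5-32-544).
    # Nested domain-group membership is not resolved here.
    try {
        $me = [Security.Principal.WindowsIdentity]::GetCurrent()
        $admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop)
        $isAdmin = @($admins | ForEach-Object { $_.SID.Value }) -contains $me.User.Value
        New-Check 'Standard user account' (-not $isAdmin) "$($me.Name) isLocalAdmin=$isAdmin"
    } catch {
        New-Check 'Standard user account' $false "could not read Administrators group: $($_.Exception.Message)"
    }
}

Get-HomeLayerAudit | Format-Table -AutoSize -Wrap
```

Run it from the account used day to day, not from an elevated prompt, so the account check reflects normal use.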
  16. Mr. Baz

    Mr. Baz 2[H]4U

    Messages:
    2,796
    Joined:
    Aug 17, 2001
    A bad user is always a vulnerability, YES, but there are antimalware software suites available that are capable of preventing the execution of malware (even zero-days) even if a bad user is deliberately trying to execute the file. People just refuse to pay for it and assume the free stuff is just as good.

    STOP USING FREE ANTIMALWARE SOFTWARE and assuming it is just as good. Sure, it is better than nothing, but that should only be used as a temporary measure.
     
    x509 likes this.
  17. Mr. Baz

    Mr. Baz 2[H]4U

    Messages:
    2,796
    Joined:
    Aug 17, 2001
    This. NIST framework FTW.
     
    MikeTrike and IdiotInCharge like this.
  18. IdiotInCharge

    IdiotInCharge Not the Idiot YOU are Looking for

    Messages:
    6,916
    Joined:
    Jun 13, 2003
    This one I've paid for, and renewed, but it's been a bit of an issue with respect to troubleshooting local network permissions.

    Otherwise I've been using Defender as a default as its behavior is pretty well defined.

    Damn straight.
     
    MikeTrike likes this.
  19. x509

    x509 [H]ard|Gawd

    Messages:
    1,585
    Joined:
    Sep 20, 2009
    Link?
     
  20. MikeTrike

    MikeTrike [H]ardness Supreme

    Messages:
    7,978
    Joined:
    Nov 16, 2005
    scobar, IdiotInCharge and x509 like this.
  21. x509

    x509 [H]ard|Gawd

    Messages:
    1,585
    Joined:
    Sep 20, 2009
  22. MikeTrike

    MikeTrike [H]ardness Supreme

    Messages:
    7,978
    Joined:
    Nov 16, 2005
    upload_2018-8-26_15-9-50.png
     
    x509 and IdiotInCharge like this.
  23. daglesj

    daglesj [H]ardness Supreme

    Messages:
    4,822
    Joined:
    May 7, 2005
    Seen em all get beaten. It's the other things you do and don't do that count.
     
    OFaceSIG likes this.
  24. polonyc2

    polonyc2 [H]ardForum Junkie

    Messages:
    15,150
    Joined:
    Oct 25, 2004
    I used Kaspersky for years but when I switched to Windows 10 I started using Windows Defender...no issues so far...is it the best anti-virus/malware product?...No, but it's fine as long as you're not visiting shady sites 24/7
     
    The Mad Atheist and dvsman like this.
  25. Archaea

    Archaea [H]ardForum Junkie

    Messages:
    8,448
    Joined:
    Oct 19, 2004
    Windows Defender in combination with Open DNS, throw in some general common sense possessed by the user - and I feel that is sufficient.
     
  26. Mr. Baz

    Mr. Baz 2[H]4U

    Messages:
    2,796
    Joined:
    Aug 17, 2001
    or don't routinely update your OS?
    or your favorite website uses weak SSL settings and you get MITM'd?
    or you click on that link or attachment in that phishing email?
    or you don't harden your OS at ALL and use terrible password policies?
    or someone else who either uses your computer or uses any other Internet-connected device that connects to your network follows all of the good cyber-hygiene practices you do?

    There are a LOT of easier ways to get malware than just visiting shady websites.
     
  27. Mr. Baz

    Mr. Baz 2[H]4U

    Messages:
    2,796
    Joined:
    Aug 17, 2001
    If only cybersecurity professionals could get paid 6 figures for just some good old common sense...
     
  28. polonyc2

    polonyc2 [H]ardForum Junkie

    Messages:
    15,150
    Joined:
    Oct 25, 2004
    uBlock Origin seems to get great reviews...I might give that a go
     
  29. daglesj

    daglesj [H]ardness Supreme

    Messages:
    4,822
    Joined:
    May 7, 2005
    My setup is purely -

    Defender
    Unchecky (even I get caught out in the rush sometimes)
    uBlock plus NoScript etc.

    and...

    Standard User Account for day to day use.
     
    The Mad Atheist likes this.
  30. evilwon

    evilwon Limp Gawd

    Messages:
    167
    Joined:
    Feb 11, 2008
    I only use Windows Defender and only have used the MS stuff for 10+ years. Zero infections but I don't go surf porn or shady sites. Anything strange I pull up on a Linux VM.

    I do agree with layered security - it works. If it fails it is usually due to human errors.

    Now, I have utilized several DNS services (free) and am currently utilizing the Neustar free recursive DNS. Five settings so choose your own. I'm using the threat protect at home.

    https://www.security.neustar/digital-performance/dns-services/recursive-dns
     
  31. Alberto Hurst

    Alberto Hurst n00bie

    Messages:
    8
    Joined:
    Aug 21, 2018
    Yes, Windows Defender is more than sufficient for any PC, unless you download from any unknown source.
    In my recommendation one should always use Windows Defender.
     
    The Mad Atheist likes this.
  32. tedych

    tedych [H]Lite

    Messages:
    85
    Joined:
    Jan 18, 2013
    By all tests I've been watching over the years WinDef has always been mediocre to say the least. It is lightweight but also "lightweight" on reliability. Maybe better than nothing but as others have said, often it is as if it's not there in the first place, most things depend on the user behavior where there is a "threshold" above which... WinDef (or any AV) is just an annoyance and even evil.
    I use only the Firewall part in Windows since year 2008 and nothing else. I don't restrain myself from visiting any website, keep my browser (FF) up to date, have common sense and don't run or install new programs/exe's unless I need them but tested them in virtual environment beforehand. I have a router with its own firewall. I know the general dangers of email and phishing, know what's an SSL certificate. I don't click every link I see. In untrusted sites if I have to click something, I always watch what the link is or goes to (this is not too reliable though). I keep an eye on what's part of the window/webpage, what is UI of the browser etc.
    My last infection was back in 2003 (Blaster) on unpatched XP and I got it after ISP tech guys disabled my ZoneAlarm firewall for a few minutes to test something.
    I admit many people don't follow such simple guidelines and maybe for them WinDef could be useful. But presumably this leads to them getting infected sooner or later anyway, so my opinion is kind of extreme in this front - AVs are evil all the way!
     
  33. x509

    x509 [H]ard|Gawd

    Messages:
    1,585
    Joined:
    Sep 20, 2009
    This is all well and good, until you go to a reputable site that has been successfully attacked, and as a result, is the source for drive-by malware downloads. I went to one reputable site a few years ago where this happened and fortunately my AV (Norton/Comcast) stopped the download.

    I happened to know the owner of the site personally, so I emailed her. Her response? "Oh, I'll tell my IT about it next time he stops by." This person runs a financial advisory service, so she has high-net-worth clients. These people could be at risk to lose a LOT. I was amazed that she didn't seem to appreciate the risk to her clients and her professional reputation. That story, writ large, is one reason why it's so hard to stamp out malware.
     
  35. tedych

    tedych [H]Lite

    Messages:
    85
    Joined:
    Jan 18, 2013
    The browser is probably the one software I(we) have to trust about not letting be exploited without our explicit intervention.
    If an infected site is visited, if the browser is Ok, it cannot download without my permission anything to my PC. For the last 15 years I happened to come across attacked "trusted" sites, but nothing happened. I admit, I somehow blindly trust my FF, and of course I don't blindly visit every single thing that crosses my mind (or someone tells me) :) . It can't just download (and RUN) something on my computer (an executable I mean, not JS) without asking me at least to click once somewhere.
    Exploitable sh** like Flash, Java and Adobe PDF are all turned off forever on my computers.
     
  36. tedych

    tedych [H]Lite

    Messages:
    85
    Joined:
    Jan 18, 2013
    Uh, so what...
    There are several key phrases at least in the first article that I can emphasize on.
    They emphasize on exploits for "add-ons" (more importantly they mean Plugins like ActiveX) more than those in browser itself. That's why I don't keep any plug-ins, no need. And since FF was crippled severely few months ago, I only have one addon absolutely necessary - uBlock Origin.
    Talking ActiveX is funny because this has always been a major hole in IE, that's why most people stopped using it a decade ago.
    Second - "the need to keep all software up to date." Of course.
    Third: "If anything is out of date with known security vulnerabilities, the kit automatically exploits those". "Known".
    Not to say that most are iframes which... could be easily spotted and disabled with an add-on, no matter what size in pixels is it.
    "Exploit kits rely on outdated software full of security vulnerabilities"...."consider disabling risky plugins like Java and Flash runtimes if you haven’t already. These plugins have a history of security vulnerabilities."
    - Oh... surprise.

    Also, these articles are old and too vague. Sure there are risks when browsing online with any software, as any software has bugs. The chances for me and all my encirclement to be infected by such exploits turned out to be extremely negligible.
    After all that's why we all do backups and system images :) .
    Software like WinDef would not protect you from all possible exploits, and one is enough... if you regularly visit sites that "might" be exploited to include such iframes or anything. Yeah, they possibly will against some in some time span... but eventually.... 'you' will fail :), so a little common sense, regularly updating software that goes online, backups, and few other things are enough.
    There will always be some users who will benefit from some AVs to at least delay their infection in time.

    I've always liked concrete examples and scenarios of infecting a system+user. MOST are result of human mistakes or deception/phishing of some kind. Would you post a URL to test a concrete exploit against browser like FF?

    "In the long run, a layered security approach paired with education about the risks of malicious JavaScript can help keep you and employees safe from unknowingly falling victim to an invisible drive-by download attack."
    - This. It's just I always exclude AVs from this layered approach whenever possible and/or not absolutely requested.
     
  37. daglesj

    daglesj [H]ardness Supreme

    Messages:
    4,822
    Joined:
    May 7, 2005
    Standard user accounts for day to day use.
     
  38. Susquehannock

    Susquehannock 2[H]4U

    Messages:
    2,976
    Joined:
    Jul 26, 2005
    With most people's click habits? No. Have found Muskrats (among others) on Win10 systems that were completely ignored by WD. Some of the droppers can be very deceiving to the casual user. Legit looking Adobe Flash update pop ups etc. I sometimes wonder how many people's PCs have been zombified to covertly mine cryptocurrency in this way.
     
  39. x509

    x509 [H]ard|Gawd

    Messages:
    1,585
    Joined:
    Sep 20, 2009
    What is a Muskrat here?