Is Windows Defender sufficient?

c3k

Folks,

I've always used a 3rd party antivirus/security suite. Running W10 on the home computers, I'm now reading more and more that simply using Windows Defender is sufficient.

I'm reasonably smart about the websites I visit, but I can't guarantee that the rest of the family does the same.

Is Windows Defender good protection?

Thanks,

Ken
 
No.
My dad is currently trying to remove a virus he got last night. I hooked up his system drive to my machine earlier and located all the infected files and deleted them since ESET couldn't clean the files.
But the virus propagated to his other hard drives so now he is working on that.
 
I use Windows Defender, Malwarebytes Premium, and the uBlock plugin in my Chrome browser along with common-sense web browsing. Zero issues. I do this on my PC and my family's.
 
I don't even use Windows Defender.

I scan with Malwarebytes Free and Dr.Web CureIt! now and then. I hate background scanners.

I do enable the XD bit for all software
and use plugins in the browser like NoScript to prevent infection.
 
A bad user will always manage to get malware/virus on any system no matter the levels of protection you put in place. With that said, are there better platforms than built-in Windows Defender? Sure. Is it worth it? Sometimes, it just depends on the user.

A smart user that implements common sense and skepticism on the Internet is generally perfectly fine with a blocker such as uBlock w/ Windows Defender.

Quantitatively, Windows Defender is "sufficient" in the sense that it does what it needs to protect most home users which we consider "not a dumb dumb".
 
WinDef has 2 excellent properties: it never expires & never asks for money. These are hugely valuable for clueless users, because they need 1 rule: if you see a security alert that mentions $, it's a scam.
 
uBlock Origin plugin for all browsers used, crypto mining blocker, free OpenDNS account with category blocks in place for EdgeRouter DNS settings with Windows Defender... Cybereason RansomFree on all boxes... Malwarebytes free, AdwCleaner for occasional manual scans... I can't remember the last time I've had an infection of any kind between wife, daughter and myself with our 3 computers and laptop.
 
Folks,

I've always used a 3rd party antivirus/security suite. Running W10 on the home computers, I'm now reading more and more that simply using Windows Defender is sufficient.

I'm reasonably smart about the websites I visit, but I can't guarantee that the rest of the family does the same.

Is Windows Defender good protection?

Thanks,

Ken

I already know I am going to be in the minority here, but is Windows Defender enough for anti-virus? If we are talking Windows 10... In a word.... "yes".

Windows Defender also has an integrated offline scanner where it reboots itself from a different partition (in order to have your OS partition completely offline), downloads all the definitions and scans/cleans. Doing one of these offline scans is really the best way to get rid of the real nasty stuff.
 
I run Windows defender only. The software I download comes from legit sources, and the only websites I actively visit are hardforum and pornhub.
 
No.
My dad is currently trying to remove a virus he got last night. I hooked up his system drive to my machine earlier and located all the infected files and deleted them since ESET couldn't clean the files.
But the virus propagated to his other hard drives so now he is working on that.

So what AV or suite would you suggest?
 
Technically yes, but technically no for average users, because they'll almost always find a way to f*** s*** up...

Layers like an onion. DNS, local AV/AM, UTM (firewall/router) is also a plus, non-admin account, etc...
 
A bad user will always manage to get malware/virus on any system no matter the levels of protection you put in place. With that said, are there better platforms than built-in Windows Defender? Sure. Is it worth it? Sometimes, it just depends on the user.

A smart user that implements common sense and skepticism on the Internet is generally perfectly fine with a blocker such as uBlock w/ Windows Defender.

Quantitatively, Windows Defender is "sufficient" in the sense that it does what it needs to protect most home users which we consider "not a dumb dumb".

A bad user is always a vulnerability, YES, but there are antimalware software suites available that are capable of preventing the execution of malware (even zero-days) even if a bad user is deliberately trying to execute the file. People just refuse to pay for it and assume the free stuff is just as good.

STOP USING FREE ANTIMALWARE SOFTWARE and assuming it is just as good. Sure, it is better than nothing, but that should only be used as a temporary measure.
 
I use ESET NOD32 on my 2 main systems.

This one I've paid for, and renewed, but it's been a bit of an issue with respect to troubleshooting local network permissions.

Otherwise I've been using Defender as a default as its behavior is pretty well defined.

Technically yes, but technically no for average users, because they'll almost always find a way to f*** s*** up...

Layers like an onion. DNS, local AV/AM, UTM (firewall/router) is also a plus, non-admin account, etc...
This. NIST framework FTW.

Damn straight.
 

Google...

https://www.nist.gov/cyberframework

upload_2018-8-26_14-49-9.png


Bing?

upload_2018-8-26_14-50-4.png


DuckDuckGo?

upload_2018-8-26_14-50-51.png


Yahoo!?

upload_2018-8-26_14-51-6.png
 
Seen em all get beaten. It's the other things you do and don't do that count.
 
I used Kaspersky for years but when I switched to Windows 10 I started using Windows Defender...no issues so far...is it the best anti-virus/malware product?...No, but it's fine as long as you're not visiting shady sites 24/7
 
Windows Defender in combination with Open DNS, throw in some general common sense possessed by the user - and I feel that is sufficient.
 
I used Kaspersky for years but when I switched to Windows 10 I started using Windows Defender...no issues so far...is it the best anti-virus/malware product?...No, but it's fine as long as you're not visiting shady sites 24/7

or don't routinely update your OS?
or your favorite website uses weak SSL settings and you get MITM'd?
or you click on that link or attachment in that phishing email?
or you don't harden your OS at ALL and use terrible password policies?
or someone else who either uses your computer or uses any other Internet-connected device that connects to your network follows all of the good cyber-hygiene practices you do?

There are a LOT of easier ways to get malware than just visiting shady websites.
 
Windows Defender in combination with Open DNS, throw in some general common sense possessed by the user - and I feel that is sufficient.

If only cybersecurity professionals could get paid 6 figures for just some good old common sense...
 
My setup is purely -

Defender
Unchecky (even I get caught out in the rush sometimes)
uBlock plus NoScript etc.

and...

Standard User Account for day to day use.
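
Several posters above rely on layers rather than on Defender alone (Defender itself, a standard user account, the XD bit, filtering DNS). The following is an added example, not part of any post in this thread: a read-only PowerShell audit of those layers on one Windows 10 machine. The function name `Get-HomeSecurityPosture`, the signature-age threshold and the choice of the OpenDNS public resolvers as the filtering service are assumptions made for illustration.

```powershell
# Added example: read-only audit of layers named in this thread (Windows 10,
# Windows PowerShell 5.1). Function name and thresholds are assumptions.
$MaxSignatureAgeDays = 3                                   # assumed freshness limit
$FilteringResolvers  = '208.67.222.222', '208.67.220.220'  # OpenDNS public resolvers

function Get-HomeSecurityPosture {
    $findings = [System.Collections.Generic.List[object]]::new()
    function Add-Finding($Layer, $Ok, $Detail) {
        $findings.Add([pscustomobject]@{ Layer = $Layer; Ok = [bool]$Ok; Detail = $Detail })
    }

    # Layer 1: Defender is on and its definitions are recent.
    $mp = Get-MpComputerStatus
    Add-Finding 'Defender real-time protection' $mp.RealTimeProtectionEnabled `
        "AntivirusEnabled=$($mp.AntivirusEnabled)"
    Add-Finding 'Defender signature age' ($mp.AntivirusSignatureAge -le $MaxSignatureAgeDays) `
        "$($mp.AntivirusSignatureAge) day(s) old"

    # Layer 2: the day-to-day account is not a local administrator.
    # Group membership is checked (not the token), so UAC elevation state does not matter.
    $me     = [Security.Principal.WindowsIdentity]::GetCurrent().User.Value
    $admins = (Get-LocalGroupMember -SID 'S-1-5-32-544').SID.Value
    Add-Finding 'Standard user account' ($admins -notcontains $me) $env:USERNAME

    # Layer 3: DEP (the XD/NX bit) covers all programs, not only Windows binaries.
    # 0 = AlwaysOff, 1 = AlwaysOn, 2 = OptIn (default), 3 = OptOut
    $dep = (Get-CimInstance Win32_OperatingSystem).DataExecutionPrevention_SupportPolicy
    Add-Finding 'DEP for all programs' ($dep -in 1, 3) "support policy $dep"

    # Layer 4: a filtering resolver is set on this host. If the router forwards
    # to the filtering service instead, this reports False; check the router.
    $dns = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses | Select-Object -Unique
    $hit = @($dns | Where-Object { $_ -in $FilteringResolvers })
    Add-Finding 'Filtering DNS on host' ($hit.Count -gt 0) ($dns -join ', ')

    $findings
}

Get-HomeSecurityPosture | Format-Table -AutoSize

# Defender Offline, as described earlier in the thread, is started from an elevated
# prompt with the line below; it reboots the machine immediately.
# Start-MpWDOScan
```

The audit changes nothing on the machine; each row with `Ok = False` points at a layer to look at on that PC or on the router.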
 
I only use Windows Defender and only have used the MS stuff for 10+ years. Zero infections but I don't go surf porn or shady sites. Anything strange I pull up on a Linux VM.

I do agree with layered security - it works. If it fails it is usually due to human errors.

Now, I have utilized several DNS services (free) and am currently utilizing the Neustar free recursive DNS. Five settings so choose your own. I'm using the threat protect at home.

https://www.security.neustar/digital-performance/dns-services/recursive-dns
 
Yes, Windows Defender is more than sufficient for any PC, unless you download from any unknown source.
In my recommendation one should always use Windows Defender.
 
By all tests I've been watching over the years WinDef has always been mediocre to say the least. It is lightweight but also "lightweight" on reliability. Maybe better than nothing but as others have said, often it is as it's not there in the first place, most things depend on the user behavior where there is a "threshold" above which... WinDef (or any AV) is just an annoyance and even evil.
I use only the Firewall part in Windows since year 2008 and nothing else. I don't restrain myself of visiting any website, keep my browser (FF) up to date, have common sense and don't run or install new programs/exe's unless I need them but tested them in virtual environment beforehand. I have a router with its own firewall. I know the general dangers of email and phishing, know what's an SSL certificate. I don't click every link I see. In untrusted sites if I have to click something, I always watch what the link is or goes to (this is not too reliable though). I keep an eye on what's part of the window/webpage, what is UI of the browser etc.
My last infection was back in 2003 (Blaster) on unpatched XP and I got it after ISP tech guys disabled my ZoneAlarm firewall for a few minutes to test something.
I admit many people don't follow such simple guidelines and maybe for them WinDef could be useful. But presumably this leads to them get infected sooner or later anyway, so my opinion is kind of extreme in this front - AVs are evil all the way!
 
By all tests I've been watching over the years WinDef has always been mediocre to say the least. It is lightweight but also "lightweight" on reliability. Maybe better than nothing but as others have said, often it is as it's not there in the first place, most things depend on the user behavior where there is a "threshold" above which... WinDef (or any AV) is just an annoyance and even evil.
I use only the Firewall part in Windows since year 2008 and nothing else. I don't restrain myself of visiting any website, keep my browser (FF) up to date, have common sense and don't run or install new programs/exe's unless I need them but tested them in virtual environment beforehand. I have a router with its own firewall. I know the general dangers of email and phishing, know what's an SSL certificate. I don't click every link I see. In untrusted sites if I have to click something, I always watch what the link is or goes to (this is not too reliable though). I keep an eye on what's part of the window/webpage, what is UI of the browser etc.
My last infection was back in 2003 (Blaster) on unpatched XP and I got it after ISP tech guys disabled my ZoneAlarm firewall for a few minutes to test something.
I admit many people don't follow such simple guidelines and maybe for them WinDef could be useful. But presumably this leads to them get infected sooner or later anyway, so my opinion is kind of extreme in this front - AVs are evil all the way!
This is all well and good, until you go to a reputable site that has been successfully attacked, and as a result, is the source for drive-by malware downloads. I went to one reputable site a few years ago where this happened and fortunately my AV (Norton/Comcast) stopped the download.

I happened to know the owner of the site personally, so I emailed her. Her response? "Oh, I'll tell my IT about it next time he stops by." This person runs a financial advisory service, so she has high-net-worth clients. These people could be at risk to lose a LOT. I was amazed that she didn't seem to appreciate the risk to her clients and her professional reputation. That story, writ large, is one reason why it's so hard to stamp out malware.
 
Yes, Windows Defender is more than sufficient for any PC, unless you download from any unknown source.
In my recommendation one should always use Windows Defender.
This is all well and good, until you go to a reputable site that has been successfully attacked, and as a result, is the source for drive-by malware downloads. I went to one reputable site a few years ago where this happened and fortunately my AV (Norton/Comcast) stopped the download.

I happened to know the owner of the site personally, so I emailed her. Her response? "Oh, I'll tell my IT about it next time he stops by." This person runs a financial advisory service, so she has high-net-worth clients. These people could be at risk to lose a LOT. I was amazed that she didn't seem to appreciate the risk to her clients and her professional reputation. That story, writ large, is one reason why it's so hard to stamp out malware.
 
This is all well and good, until you go to a reputable site that has been successfully attacked, and as a result, is the source for drive-by malware downloads. I went to one reputable site a few years ago where this happened and fortunately my AV (Norton/Comcast) stopped the download.

I happened to know the owner of the site personally, so I emailed her. Her response? "Oh, I'll tell my IT about it next time he stops by." This person runs a financial advisory service, so she has high-net-worth clients. These people could be at risk to lose a LOT. I was amazed that she didn't seem to appreciate the risk to her clients and her professional reputation. That story, writ large, is one reason why it's so hard to stamp out malware.
The browser is probably the one software I(we) have to trust about not letting be exploited without our explicit intervention.
If an infected site is visited, if the browser is Ok, it cannot download without my permission anything to my PC. For the last 15 years I happened to come across attacked "trusted" sites, but nothing happened. I admit, I somehow blindly trust my FF, and of course I don't blindly visit every single thing that crosses my mind (or someone tells me) :) . It can't just download (and RUN) something on my computer (an executable I mean, not JS) without asking me at least to click once somewhere.
Exploitable sh** like Flash, Java and Adobe PDF are all turned off forever on my computers.
 
Uh, so what...
There are several key phrases at least in the first article that I can emphasize on.
They emphasize on exploits for "add-ons" (more importantly they mean Plugins like ActiveX) more than those in browser itself. That's why I don't keep any plug-ins, no need. And since FF was crippled severely few months ago, I only have one addon absolutely necessary - ublock origin.
Talking ActiveX is funny because this has always been a major hole in IE, that's why most people stopped using it a decade ago.
Second - "the need to keep all software up to date." Of course.
Third: "If anything is out of date with known security vulnerabilities, the kit automatically exploits those". "Known".
Not to say that most are iframes which... could be easily spotted and disabled with an add-on, no matter what size in pixels is it.
"Exploit kits rely on outdated software full of security vulnerabilities"...."consider disabling risky plugins like Java and Flash runtimes if you haven’t already. These plugins have a history of security vulnerabilities."
- Oh... surprise.

Also, these articles are old and too vague. Sure there are risks when browsing online with any software, as any software has bugs. The chances for me and all my encirclement to be infected by such exploits turned out to be extremely negligible.
After all that's why we all do backups and system images :) .
Softwares like WinDef would not protect you from all possible exploits, and one is enough... if you regularly visit sites that "might" be exploited to include such iframes or anything. Yeah, they possibly will against some in some time span... but eventually.... 'you' will fail :), so a little common sense, regularly updating software that goes online, backups, and few other things are enough.
There will always be some users who will benefit from some AVs to at least delay their infection in time.

I've always liked concrete examples and scenarios of infecting a system+user. MOST are result of human mistakes or deception/phishing of some kind. Would you post a URL to test a concrete exploit against browser like FF?

"In the long run, a layered security approach paired with education about the risks of malicious JavaScript can help keep you and employees safe from unknowingly falling victim to an invisible drive-by download attack."
- This. It's just I always exclude AVs from this layered approach whenever possible and/or not absolutely requested.
 
With most people's click habits? No. Have found Muskrats (among others) on Win10 systems that were completely ignored by WD. Some of the droppers can be very deceiving to the casual user. Legit-looking Adobe Flash update pop-ups etc. I sometimes wonder how many people's PCs have been zombified to covertly mine cryptocurrency in this way.
 
With most people's click habits? No. Have found Muskrats (among others) on Win10 systems that were completely ignored by WD. Some of the droppers can be very deceiving to the casual user. Legit-looking Adobe Flash update pop-ups etc. I sometimes wonder how many people's PCs have been zombified to covertly mine cryptocurrency in this way.
What is a Muskrat here?
 