Is there any advantage using first-party antivirus (windows defender)?

Is there any advantage using Windows Defender, an antivirus developed by the same company that build Windows 8? Maybe because Microsoft knows better than any other antivirus company how the OS works?

 

Good Evening! Pain Of Salvation...with HMP...in your arsenal...Windows Defender...is essentially a Non-Issue! Sincerely...Securon

 

Depends on your definition with "advantage". If you're looking for an AV with XYZ features that you think would protect you from malware, then Win 8 Defender definitely ain't for you. But TBH, MSE/Win 8 Defender's detection rate isn't that bad really. Yes, it's basic. But it's not something that would make troubles in your PC. Conflicts and instabilities are as worse as trojans, rootkits, etc. In my own experience, I never have any BSOD with MSE, unlike some certain AV with a yellowy/orangey splash icon that I've used in the past.

 

HMP has real time protection now? I thought it was on demand only.

 

To be honest, i'd be surprised if MSE would make a system BSOD. It hardly has any features and it's made by MS. If they couldn't done it right, then it would be a galactic fail for them. Where other products don't have such in depth knowledge of the OS as the maker itself and they usually offer far more system integrated features that can potentially go wrong. But they at the same time provide simply superior protection where MS is playing it a bit too safe if you ask me...

 

MSE or Win8 Defender:

- set & forget
- best OS integration & compatibility
- large range of "real" widespread malware detection
- very light (except some cpu spikes)
- no boot slowdown
- no stupid "free" one-year registration, nag screens and ads.

 

....no FPs.....

 

Thank God they did quite a good job with it. MSE is probably the most basic AV in history (lol), but they made it does its main job properly: detecting malware. It'd be pointless if it has a HIPS, registry cleaner, FW, backup, etc if they're all buggy and BSOD-inducing. I mean seriously, I need an AV, not an uninstaller tool. =V

 

As I use Avira Premium on demand most of the time to check any download and Sandboxie as my browsing sandbox, I thought I may as well leave Windows Defender's real time protection on. I really think MS has come a long way since the XP days in terms of integrated security.

 

I'm with avast! for like 10 years now and i never had any of the mentioned problems. I only had them few times during beta test but thats why beta tests exist...

 

I think he meant use Win 8 Defender w/ HMP to improve detection rate. Either that or use only HMP and turn off Defender.

 

Here is why I'm asking this question: http://www.insanitybit.com/2012/06/02/you-dont-need-an-antivirus-with-windows-8-17/

 

My take on why MS decided to enter the AV field was to provide basic protection for users of thier OSes who for economic reasons could afford to purchase a third party solution. Nothing more.

The last thing MS wants to do is provoke more government overside into it's monopolistic practices.

By basic protection, I mean just that. If you look closely at the various AV test labs results of MS AV products you will see one glaring deficiency; zero day protection. As far as standard AV scanning and detection, MS products do OK if not better than the third party products. The problem is most of today' malware is Internet based zero day and financial data stealing based. Excluding government based malware, most malware today is for economic purposes. The reason for the poor zero day performance - simply cost. If your providing a freebee as a service and your not interested in data mining to cover the overhead, your going to allocate your resources accordingly.

 

Yeah, I wrote that article.

There's a comment in there that was posted a while later about MSE losing some AV-Test thing. Without going into the fact that AV-Test seems like total **** to me, I noted that MSE would be bypassed more often as it got more popular.

That's why MS has SmartScreen in Windows 8 - that's their attempt to deal with 0day malware.

I still think MSE is fine; it's quiet, has decent catch rates, and good false positive rates.

Install EMET, stay patched, and I think you'll be quite good.

 

Good Evening! GrafZeppelin...it's HMP...in tandem with Windows Defender...that's what I was alluding too! Sincerely...Securon

 

https://www.wilderssecurity.com/showpost.php?p=2223977&postcount=1829

 

And don't even think of downloading a game from internet thatis packed in a single EXE (most modern freeware games). It will bring even the highest end systems to its knees.

 

MSE is the only AV I have used that doesn't increase boot time and I don't notice slowing down disk access, web browsing, or anything. I have tried several other AV's and always come back to MSE.

I will use EEK or CCE or Hitman Pro for 2nd opinions, and sandboxie or CIS or run a VM if I need to, also browse in Dragon with a slew of add ons. In other words I will use other means to secure the system, means that have little to no impact on performance (besides VM's)

 

Microsoft Security Client is the only program I have yet to see create a BSOD - this is because MS follows its own rules. Most other companies usually don't. MSE has a single driver unlike some other programs.

The more simple anything is, the better it is - this is what I believe it. And of course, the more complex anything is - the higher the change for a break. I am in the support field and I support very complex and very simple solutions - both do the same - they protect users and data - of course the one that cause more amount and more complex issues is the the complex one. But the final is the same - they both do the same. I prefer the more simple one. Same for Microsoft and their solutions - some people find them very basic - I find them simple and effective enough.

 

Agree and preferably use a browser which has advanced protected mode or equivalent (policy) sandbox and don't disable UAC

Agree and it beats free 60/180 days trials which fool (folish) users in feeling safe and secured because they have an (inactive) anti virus. A fool proof working mediocore AV beats a top notch inactive AV in terms of effective protection.

YES when you either use a lot of security applications (compatibility reason) or have little to no security knowledge (default install/zero configuration reason). For everything in between, NO there are better AV options and alternatives available (both free and paid).

 

That is not necessarily true.
Most av vendors know how windows works.

Thats like saying only ford mechanics should fix ford motor cars.

 

Microsoft's antimalware offering has an upper hand in terms of compatibility and use of mitigation technologies. The risk of BSOD and FPs that screw up your system files is very minimal. They also have the potential to have the widest database. With their profile, they have to place a strong focus on low FP rate. It's also due to this priority they have to design the engine to be less aggressive compared to 3rd-party counterparts. This is where SmartScreen comes to play but practically speaking, I personally find it a joke at the moment. IMO, it discriminates against small-time developers. SmartScreen may cause users to unnecessarily doubt otherwise clean files or simply choose to ignore the warning (and risk it being malware). They are also relatively new to the AV world which is complex as it involves beyond simple blacklisting and heuristics.

In contrast, some AV vendors have an advantage as they have been in the field far longer and have more experience with malware. 3rd-parties also have a higher incentive and interest in the industry since this is their bread and butter. Compared to Microsoft, 3rd-parties can afford to put up with higher risk and introduce new technologies (in regards to AV) onto the table. However, due to these, 3rd-party AVs may bring in more compatibility issues and not all of them make use of mitigation technologies (such as DEP and ASLR). There's also the performance issues and for those that require subscriptions, the payment may not be worth it's value.

All-in-all, while I agree with HungryMan with the benefits of MSE and why it's a viable choice, I find the article rather "heavy" on this implied view of it being the "best" (for those who chooses to use an AV). I understand and respect his reasoning but I beg to differ. I don't wish to see every Windows user ditch other AVs and run MSE. If we don't want the AV industry to die (I know some will disagree), we need a healthy competition in this area. We don't need an engine that rules it all. I think diversity is good.