Windows Defender Is Becoming the Powerful Antivirus That Windows 10 Needs

Discussion in 'other anti-virus software' started by Secondmineboy, Jan 30, 2016.

  1. shadek

    shadek Registered Member

    Joined:
    Feb 26, 2008
    Posts:
    2,525
    Location:
    Sweden
    The recent test results, from several different testing organizations, is an absolute nightmare for the competitors.
     
  2. mood

    mood Updates Team

    Joined:
    Oct 27, 2012
    Posts:
    4,399
    Microsoft’s Antivirus Has Finally Become a Top Security Product
    Excellent scores obtained in the latest rounds of tests
    March 29, 2018

    http://news.softpedia.com/news/micr...ly-become-a-top-security-product-520464.shtml
     
  3. Charyb

    Charyb Registered Member

    Joined:
    Jan 16, 2013
    Posts:
    643
    I have a license for several different products, but use Windows Defender alongside supplemental protection. It doesn't slow my computer like others have stated and I don't see extra junk and ads that other free antivirus developers build into their products. I have never had serious system false positives like I have had with others. These days, I feel like I could use any antivirus and be protected enough, but the best thing about Windows Defender is, it's free, ad-free, and it works.
     
  4. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    5,262
    Critical flaw in MS Malware Protection Engine (CVE-2018-0986)
    https://borncity.com/win/2018/04/04/critical-flaw-in-ms-malware-protection-engine-cve-2018-0986/
     
  5. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    10,221
    Location:
    The Netherlands
  6. Martin_C

    Martin_C Registered Member

    Joined:
    Dec 4, 2014
    Posts:
    448
    Hunting down Dofoil with Windows Defender ATP.
    More in blog post here : https://cloudblogs.microsoft.com/mi...hunting-down-dofoil-with-windows-defender-atp
     
  7. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    8,493
    Location:
    Slovenia, EU
    Any software has bugs that can be exploited. With AV it can be even more dangerous since it runs with high privileges. But what are the chances of your system getting compromised by AV exploit compared to getting compromised by malware that could be prevented by this same AV?
     
  8. Yuki2718

    Yuki2718 Registered Member

    Joined:
    Aug 15, 2014
    Posts:
    1,482
    Windows Defender is the only AV employing PPL & CFG which mitigated some vuln found in the past. The dev also said they're trying to sandbox scan engine. These facts make it different from rest of AVs. But I think MS should expand their bug bounty program to include WD too. Anyway I don't care much about AV.
     
  9. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    8,493
    Location:
    Slovenia, EU
    They forked this one up: Microsoft modifies open-source code, blows hole in Windows Defender
    https://www.theregister.co.uk/2018/04/04/microsoft_windows_defender_rar_bug/
     
  10. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    10,221
    Location:
    The Netherlands
    Yes I agree, chance are not that big, but it still gives me a funny feeling. Because if this attack vector hits you, it's probably game over, depending on what type of malware is used. Ransomware running with high privileges should still be blocked by behavioral monitoring tools, in theory.

    Interesting stuff, and I see process hollowing is mentioned a lot. Will Win Defender block process hollowing automatically with its behavior blocker? Keep in mind, I'm not talking about Win Def ATP, but about Win Def AV, just to be clear.
     
  11. JimboW

    JimboW Registered Member

    Joined:
    Oct 22, 2010
    Posts:
    259
    It's no wonder Windows Defender is doing a lot better than it used to. Last time I tested it, would be going back a good couple of years now, you would get a definition update at most twice a day. Testing just now I've been able to receive a signature update three times in the last hour alone.
     
  12. illicit

    illicit Registered Member

    Joined:
    Apr 8, 2008
    Posts:
    100
    Great question. Does anyone have any insight into whether this blocking capability requires ATP or not?
     
  13. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    4,824
    Location:
    Nicaragua
    Can someone using W10 1709 tell me whats their Antimalware Client Version number. My computer shows version 4.12.17007.18022, is that version the latest for W10 1709?

    I dont use Windows defender or any AV but part of my routine is to turn WD ON for a day or so after updates for maintenance, to keep it up to date. I read a new Antimalware Client Version (4.14.17613.18038 ) was released but I am not sure if that one is for W10 1803 only or it is also for 1709. Information in the internet about this is little, I cant figure it.

    Bo
     
  14. Gandalf_The_Grey

    Gandalf_The_Grey Registered Member

    Joined:
    Jan 31, 2012
    Posts:
    516
    Location:
    The Netherlands
    I just had an update, the version is now: 4.14.17613.18039
     
  15. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    5,607
    Location:
    Among the gum trees
    Me too.
     
  16. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    4,824
    Location:
    Nicaragua
    Thanks, I also got it now.

    Bo
     
  17. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    10,221
    Location:
    The Netherlands
    I'm guessing that it will not block the malware straight away, it will first upload it to the cloud, and then will it come up with a verdict. I rather have behavior blockers block it straight away, I don't need the freaking cloud. Also strange that they didn't want WD ATP being tested by MRG, see link.

    https://www.wilderssecurity.com/threads/comparative-malware-protection-assessment.402594/
     
  18. Martin_C

    Martin_C Registered Member

    Joined:
    Dec 4, 2014
    Posts:
    448
  19. anon

    anon Registered Member

    Joined:
    Dec 27, 2012
    Posts:
    5,262
  20. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    10,221
    Location:
    The Netherlands
    Didn't expect this from M$, but I suppose it's because the behavior blocker has become more sensitive, they probably want to avoid misses like with NotPetya. But at least M$ did beat other big names, pretty good.
     
  21. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    6,914
    Location:
    U.S.A. (South)
    Blowed away by how serious Microsoft finally is taking O/S security and looks like they are learning what they been missing all this time from previous versions.
     
  22. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,512
    Location:
    USA
    It's always been this way for me. The last time I uninstalled the suite I use to upgrade it to the newest version WD detected 3 false positives during the downtime. They are getting better at detection but the false positives are a deal breaker for me.
     
  23. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    8,493
    Location:
    Slovenia, EU
  24. Martin_C

    Martin_C Registered Member

    Joined:
    Dec 4, 2014
    Posts:
    448
    Accelerated Memory Scanning - the new Intel feature to offload antivirus memory scanning to GPU in order to reduce load on CPU - will be available to all Windows Defender Antivirus users starting with the Windows 10 1709 Fall Creators Update branch and onwards :
    https://mobile.twitter.com/AmitaiTechie/status/986111225460244480

    And
    https://mobile.twitter.com/AmitaiTechie/status/986111800981700608

    Intel's early benchmarking shows CPU utilization dropping from 20 percent to as little as 2 percent :
    https://newsroom.intel.com/editoria...rity-technologies-industry-adoption-rsa-2018/
     
  25. Umbra

    Umbra Registered Member

    Joined:
    Feb 10, 2011
    Posts:
    4,292
    Location:
    Europe then Asia
    let see if a folder with 20+ executables will still take 30+ seconds to load.
     
Loading...