Windows Defender

Overview

Key features:
-Bootable rescue disk available as separate download
-Built into Windows 8/8.1/10
-Available for Windows Vista/7 as Microsoft Security Essentials
-Will run on any Windows system
Microsoft’s own anti-malware tools come by default with Windows 10, giving you a modicum of protection even if you’re not able to immediately install dedicated anti-malware tools. Available for Windows Vista and 7 under the Microsoft Security Essentials name, and called Windows Defender when it accompanies Windows 8 through 10 in a slightly more up-to-date incarnation that includes extra protection against rootkits and boot sector viruses, Microsoft’s security software provides both scanning and real-time protection.

Defender was among the worst performing anti-virus products tested by AV-TEST this spring. While it did well against a reference set of recently collected malware, spotting 99.7% in March and 99.8% in April, it put in a consistently poor performance against real-world exposure tests to malware that was live online, with a detection rate of 88.9% in March and 88% in April.

It was also a little more prone to misidentifying legitimate software as malicious, although with five false positives out of a set of more than a million, it wasn’t a major problem. Defender proved to be fairly unobtrusive in terms of its effect on system performance, except when it came to installing applications for the first time, where it reduced performance by an average of 51%.

Windows Defender is by its nature a lightweight affair, which also makes it remarkably easy to use. Its main homescreen displays your protection and update status, details of when your last scan was carried out and lets you immediately run a quick, full or custom scan. Custom scans, as you’d expect, let you give any directory on a local or removable drive a quick once-over without having to scan your entire hard disk.

The Update tab lets you check and update Defender’s virus definitions database, and the History tab allows you to view the details of items on your PC that have been quarantined as malicious, manually allowed or detected in general. In an interesting privacy and security-orientated move, to view the details of these files, remove or restore them, you’ll need to click the View details button and log in as an administrator if your account doesn’t already have admin status.

Regardless of which tab you’re looking at, help and settings icons are always present at the top right of the Windows Defender client. Clicking on Help takes you straight to an online community forum in your browser of choice, while a dropdown arrow directs you to a page where you can manually upload a suspicious file for Microsoft’s malware team to analyse.

The Settings icon takes you straight to Windows’ main Update & Security settings. From here you can disable or re-enable features, including real-time and cloud-based protection and the automatic submission of potentially malicious files to Microsoft, and exclude specific folders, files, processes or file extensions from Defender’s scans.

While Windows Defender is better than having no anti-virus in place at all, we strongly advise against using it for long-term protection against malware due to its relatively poor performance in live malware exposure tests.