Slashdot Mirror
Microsoft Explains Why Windows Defender Isn't Ranked Higher in New Antivirus Tests (zdnet.com)
In its most recent reports, AV-Test had very few flattering things to say about Windows Defender. Microsoft's security suite was rated as the seventh best antivirus product in the independent test. In total, 15 AV products were tested. Microsoft, however, has now disputed AV-Test's methodology and conclusion. For some context, the top AV products rated by AV-Test on Windows 10 were Trend Micro, Vipre, AhnLab, Avira, Bitdefender, Kaspersky, and McAfee.
Windows Defender was able to detect 100 percent of new and old malware, but it lost few points for performance (which, AV-Test measures on the basis of how a security suite slows applications and websites on the test computer); and usability (which counts false-positives or instances where AV wrongly identifies a file as malicious.) From a report: Windows Defender's performance rating was dragged down because it slowed the installation of frequently used applications more than the industry average, and wrongly detected 16 pieces of legitimate software compared with the industry average of four. But Microsoft wants enterprise customers to know that Windows Defender is only half the picture, given the option for customers to also deploy Windows Defender Advanced Threat Protection's (ATP) "stack components" including Smartscreen, Application Guard, and Application Control.
In the January and February test Windows Defender also scored 100 percent on protection. However it did miss two samples. Since then it's retrained its machine-learning classifiers to detect them. But Microsoft notes in a new paper that Defender ATP did catch them, which isn't reflected in AV-Test's or other testing firms' result. Microsoft hopes to change this so that testers include so-called stack components available in ATP. "As threats become more sophisticated, Microsoft and other security platform vendors continue evolving their product capabilities to detect threats across different attack stages," Microsoft's Windows Defender Research team writes. "We hope to see independent testers evolve their methodologies as well. Our customers need greater transparency and optics into what an end-to-end solution can accomplish in terms of total preventive protection, including the quality of individual components like antivirus."
Windows Defender was able to detect 100 percent of new and old malware, but it lost few points for performance (which, AV-Test measures on the basis of how a security suite slows applications and websites on the test computer); and usability (which counts false-positives or instances where AV wrongly identifies a file as malicious.) From a report: Windows Defender's performance rating was dragged down because it slowed the installation of frequently used applications more than the industry average, and wrongly detected 16 pieces of legitimate software compared with the industry average of four. But Microsoft wants enterprise customers to know that Windows Defender is only half the picture, given the option for customers to also deploy Windows Defender Advanced Threat Protection's (ATP) "stack components" including Smartscreen, Application Guard, and Application Control.
In the January and February test Windows Defender also scored 100 percent on protection. However it did miss two samples. Since then it's retrained its machine-learning classifiers to detect them. But Microsoft notes in a new paper that Defender ATP did catch them, which isn't reflected in AV-Test's or other testing firms' result. Microsoft hopes to change this so that testers include so-called stack components available in ATP. "As threats become more sophisticated, Microsoft and other security platform vendors continue evolving their product capabilities to detect threats across different attack stages," Microsoft's Windows Defender Research team writes. "We hope to see independent testers evolve their methodologies as well. Our customers need greater transparency and optics into what an end-to-end solution can accomplish in terms of total preventive protection, including the quality of individual components like antivirus."
MS Defender has one very clear advantage over competition - it doesn't create an additional attack surface and installs yet another vendor's application with deep kernel hooks, network connectivity, and an equivalent of root privileges.
Our customers need greater transparency and optics
Oh, they are laying fiber now?
"First they came for the slanderers and i said nothing."
I have Malwarebytes Anti-Malware Scanner and Windows Defender installed on my Windows systems at home. I haven't had any issues since the Windows XP era.
In the January and February test Windows Defender also scored 100 percent on protection. However it did miss two samples
So which is it? 100% or missed two samples? Because I can tell you my kid doesn't get 100% if she misses 2 questions on an exam.
I have a hard time believing that adding additional components with additional functionality will speed up performance. Experience tells me the opposite is far more likely.
Support Right To Repair Legislation.
Microsoft Defender is a Dot Net. This provides a Dot Net feature inside of MS Defender component. When every Windows is doing updaate, Defender component is changing his Dot Net assembly to enhance the positive security measure. Also he is changing his policy to protect any virus. After update, the virus is protected by Defender.
Dindar Prakesh, MCSE
Anyone should understand that Relative rankings are mostly worthless. If all the products in the top 10 are excellent, but one product has slightly less points than the top 9, does it really matter than it ranked 10th?
The main advantage of Windows Defender is it's free. For most people that trumps all the other rankings. It's free, it protected against everything the competition did, it's nearly as usable, and slightly slower. That's good enough to not buy something else.
The AV vendors should be quaking in their boots. Why would you buy another product when what MS puts out is generally fine? My guess is they'll improve the usability a bit, and they'll rank in the top 3. Then start saying goodbye to several of the other AV vendors.
Uh, because it sucks?
See, it can be stated in a few words.
I also filter out 100% of the spam mails. I am even close to 160% depending on how many spam I get. I just point everything to /dev/null in .procmailrc .
Don't fight for your country, if your country does not fight for you.
Showing GDPR acceptance plea in barely readable greyed out text in a box that covers whole screen is a new low for this site which posts articles about security and privacy.
How ironic!
KTHXBYE!
Couldn't keep Windows off my machine.
Have gnu, will travel.
I am not defending MS here - but who wants to be compared to industry _averages_ when it comes to security. The people adjusting the ranking because it does not compare well to an average are what I like to call stuupid (it is not a typo). You should want perfect security - to hell with averages.
I have never had one piece of malware get on any of my PC's since using Security Essentials and then Defender on my current Win 10 PC. It works and scans well enough for me and the slight delay in program installs is not much of a problem since I don't install many very often.
Virus scanners are judged on how well they completely cripple a target system. Windows Defender doesn't do that so it just isn't any good.
Oh and First post. Or at least it would have been if I wasn't running McAfee.
Ok, direct experience here, and I am absolutely no fanboy of ms software. But, as part of a offensive security cert a few months back, I got heavily into writing and compiling windows exploit code, and one of the course exercises walk through testing a piece of malware by the virus total site.
So as part of my studies and self learning I wrote a non self propagating malicious exploit, but it did elevate privileges from the user to admin and get access to things and start calc as a admin user to prove it was exploiting. I took a common windows POC exploit and modified it heavily in ways I will not discuss to a wider audience (because teaching people av evasion techniques is best left to offsec and their ilk, to the right people) and compiled it.
Out of sheer curiosity I submitted the original POC code, one encoded by a old common packer & my heavily modified "malware" to virus total, and the original and encoded packed version was picked up by about 45/47 av's straight off. The *ONLY* av that managed to detect my custom payload was.... Windows Defender. It must have opened the executable and saw where it hooked when it shouldn't, and the competition seem to rely on pattern matching instead.
So yeah, sign me up for free windows defender. When the subject comes up with lay people who ask me what to use, its what I would recommend them. From first hand testing.
Anon, because even with all the above, I'm basically admitting to authoring a custom exploit, and while I'm employed in this field, I could do without the extra attention.
.
Additionally, Windows Defender does not seem to install all manner of additional software that digs deep into the Windows kernel in order to do its job. For my needs, Windows Defender is a simple, effective a/v solution that works well. Why should I care if it ranks 7 or 3 of even 1?
Things have improved tremendously since the Windows XP era in terms of Windows and app security. Also people tend to use adblockers and flash isn't on by default on newer systems.
Adobe now has sandboxing and Windows gets new security updates each month. IT departments now update software regularly and people use ancient IE almost never outside of a Citrix or vdi environment.
The use of AV software to protect idiots who click on everything is unheard of as people know better now than in 2000.
http://saveie6.com/
Defender proves this. So why doesn't Microsoft just sell a hardened Windows ? Why sell an insecure product and then addon security ?
You live and learn, or you don't learn much.
Comment removed based on user account deletion
See subject & ÃPK Hosts File Engine 10++ SR-1 32/64-bit https://www.google.com/search?source=hp&ei=ZYrPWpW_H-ykggel7JLwBg&btnG=Search&q=APK+site%3Astart64.com/
Ads/script/malware rob speed/security/privacy/bandwidth.
Hosts add speed (via hardcodes/adblocks), security (vs. bad sites/malware/poisoned dns), reliability (vs. dns down), & anonymity (vs. dns requestlogs/trackers).
Less power/cpu/ram + IO use vs. DNS/routers/addons/antivir + less security bugs/complexity & faster vs. av/addons/routers/remote dns!
Avoids DNSChangers in routers/IP settings & dns redirect (99++% of ISP DNS != patched vs. it) + DNS tracking & lighten DNS load & resolve faster via local RAM!
* Viâ what u NATIVELY have in a FASTER kernelmode IP stack (does more w/ less).
APK
P.S. - APK Hosts File Engine 2.0++ 64-bit for Linux = done too (used it here since 05/10/2015 to populate hosts to block threats BEFORE they get to you in the 1st place)... apk
nice info tkss bro https://ordertrungquoc.com.vn/
F-secure and Kaspersky are the only ones that make the cut IMO, and they are in the very top when it comes to research and exposure, a good sign that they're putting lots of talent to work in their field.
Cool story bro
Holy shit! This really works! This shit fucking blocked the shit out of all the fucking shit. I cant niiggershitting believe it, you can quote me on that. Host file engine is serious motherfucking Anti-Chinkware.
If you keep your HOSTS file updated regularly!
Must be true, I read it here!!!!!
*ducks*
So what's the incentive for Dell to keep including this option?
You answer your own question:
If the license is already free for Dell, just start asking for money from the AV vendor to install their product
So the incentive is the same as that for any of the other "bloatware" or "trialware" included on most Windows PCs or Android phones: the AV publisher pays Dell gets a commission on new installs. You'll notice that Windows 10 Signature Edition PCs and Google Pixel phones, which specifically exclude third-party bloatware, carry a higher MSRP because the manufacturer isn't getting that sweet, sweet commission revenue. The same is true of PCs including a free operating system. I looked on Dell's website a couple months ago, and an XPS 13 with Ubuntu cost $50 more than an XPS 13 with identical specs and Windows 10. Again, no commission.
What I like about the Defender is that it doesn't regularly consume expensive CAD software for dinner and classify some of my PDFs from 2012 as a waste of time, unlike some other solutions. Or block every post in apple.slashdot.org as malicious (or it actually is constantly been hacked).
how? how does it miss 2 samples, yet score 1% for protection?
If anything has complete keys to your PC kingdom, it would be anti-virus software.
With everything going on in the news today, how can anybody truly trust any of these solutions? If you think that there isn't a cold war going on in the internet, you are uninformed. I see it for myself in logs and honeypot activity all the time. I have to chuckle every time I hear somebody swear by an antivirus program because it doesn't cause trouble and they think they aren't getting infected. I do however expect more of people who test and rank this stuff.
If an American has made the decision to trust Microsoft Windows, why would they expand that circle of trust to a company whose headquarters is in Moscow? By that same logic, if you trust a Russian company more than an American company, it would be logical to use Kaspersky.
Greed is the root of all evil.
what kind of testing methods did the 'independent' AV-test use, as my own experience with Trend Micro and Kaspersky is they are CRAP and have a very big impact on the performance of your computer. Trend Micro is really rubbish, if an application deletes multiple files after each other (using simple API calls) it immediatly removes it without warning, even though there is not a single virus/malware signature in it.
What about the spiced up kikewops?
See subject SOYBoy (rotflmao) in your UNIDENTIFIABLE anonymous "courageous" trolling you "not man" - LMAO!
(You know - I understand your SOYMilk & Bisphenol A "notman" SOYBoy formulas have addled your brains but that takes the cake for "illogic logic" from "your kind", lol!)
* I are making you get all "triggered" when you see your addled thinking fools nobody but your sick in the head chemically NEUTERED (lol) selves, lmao!
APK
P.S.=> Classic - one for my bookmarks... apk
Bit Defender is best. Bit Defender is free. Bit Defender is made by the guys that made Windows(tm) !
I use Linux exclusively, and know Windows(tm) also (understated). Use Bit Defender and/or use Linux.
Remember; there's Bit Defender, then there is the rest of the crapware you don't want with the default
installation.
See subject (lol) & the viral hit by "The SoyBoyz": ''If you're going to TransManCisco? Be sure you wear your jimmyhats + bring Preparation H there. If you're going, to TransManCisco... You're going to meet a lot of transtesticle monsters and soyboy not men there. All across the nation: Surgical sawblade vibrations! Surgeons in motion, Sawing peckers + ball off tossing them into the SF Bay Ocean...'
* They're playing YOUR SONG again - hahahaha classic!
(Only way "your kind" would EVER get any notice &/or notoriety...)
APK
P.S.=> Quit projecting your own mental issues onto me... apk
"WildThing" https://it.slashdot.org/commen... (join us, won't you?) LOL!
... apk
* I've dusted the hell out of you here & am EXPOSING it elsewhere (see link above).
Thought you MIGHT like exposure in the limelight, but, then again?
Germs like YOU simply WITHER in sunlight - come, wither some more, lol!!!
APK
P.S.=> For YOUR listening pleasure (lol, not) & "dramatic effects"? THIS is ME (vs. YOU 'domesticated do-nothing ZERO "ne'er-do-well" SoyBOY TROLLS' like you) WildThing https://www.youtube.com/watch?...
The test does not include Eset Smart Security, which is the best Antivirus, so test results are skewed. Sure, Defender looks great if you carefully select which competitors to test against
"We are drugged out! We are following other people's opinions (rather than educating ourselves & forming our own). We are controlled by the media - Today, it ALL changes! This 'reality' has been forced upon us. It is a choice, just like when I said slavery is a choice. Einstein said the definition of insanity is repeating the same mistake over & over again expecting different results. So we keep saying "I hate you, fuck you, fuck you, fuck you" How're we gonna get a different result outta hate? Why don't we just TRY love? We have the resources for a peaceful world. You know, SOMETIMES you need some "Crazy motherfuckers" to change something. Steve Jobs was crazy. Now we all on Steve Jobs' phones. They say Trump's crazy, they say I'm crazy but I'm here to show love. It's a bigger plan & I'm just doin' what the UNIVERSE told me..."
FROM https://www.youtube.com/watch?v=OfAAS96g6eQ/ near its start & around 5:00 on the vidcontrol (repeated, it's a great message & one I've TRIED to live for 30++ yrs. now).
APK
P.S.=> ... & that's what I've always been about + why I built this program (I have the ability to hopefully effect good positive change for the ABSOLUTE good of all)... apk