Oct 162012
 

Defender is the default antivirus in Windows 8 – we look at how it compares to rival security products. Windows 8 Defender is basically the same as the current Microsoft Security Essentials (MSE) product – it uses the same anti-malware engine and looks almost identical.

That is why MSE itself is not available for Windows 8 – the integral new Defender has replaced it.

How Does Windows 8 Defender Compare? As it is so similar to the current MSE, it’s reasonable to assume that Defender will perform about as well, or as badly, as its twin. Windows 8 buyers should therefore consider the performance of MSE before deciding to keep Defender or install a different security suite.

In our latest review of antivirus test results last month, MSE was the only one of 24 products tested not to achieve AV-Test certification – it was bottom of the pile for Protection with a score just half that of the next worst product (a quarter of the score of the top product) and it was also poor for Repair ability.

Protection is more important than Repair ability – viruses can do so much damage (e.g. hiding/encrypting your documents or disabling your antivirus) before you realize you are infected that it is obviously better not to get infected in the first place…

Despite these results, MSE is increasingly popular – a recent study suggested that MSE is the number one AV in North America, enjoying a huge 25% share of the market. Perhaps the simplicity of MSE (a ‘set and forget’ antivirus) has struck a chord – and many users trust Microsoft to produce good security software for Windows…

AV-Test results for Protection show that MSE achieved a score of 1.5 out of 6 – compared to 5.0 for Avast Free and 6.0 for the top performer Bitdefender Internet Security (BIS) as shown below:

AV-TestMSE1

But what do those scores mean in practice? Digging deeper reveals the following details for the tests:

Widespread and prevalent malware – This category is for old and well known malware – bread and butter for antivirus products, as proved by the industry average of 100% detection.

  • MSE, Avast and BIS all detected 100% of this malware in October.

Malware discovered in the last 3 months – A tougher test because the malware is more recent – industry average reduces to 97% detection.

  • MSE detected 90% in October whilst Avast found 98% and BIS 99%.

0-Day malware, real world testing – The toughest test because the malware is new and may not be included in the security product’s malware definitions – industry average detection rates drop to 89%.

  • MSE detected just 64% in October whilst Avast and BIS found 100%.

The results clearly show that MSE struggles to detect more recent malware and highlights the additional security that the best paid products provide – BitDefender detected a minimum of 99% of the 250,000+ malware samples tested across all three categories.

AV-Test is not alone in these findings – they are mirrored by another well known test lab, AV-Comparatives, which rated Avast and BitDefender as 3 stars (Advanced+) and MSE as 1 star (Standard) in their September file detection tests.

Conclusion

MSE, and therefore Windows 8 Defender, is easy to use and it slows down the computer less than its rivals – 5 seconds compared to 11 seconds (Avast) and 12 seconds (BIS) according to AV-Test.

However, there is an important trade off – protection against more recent malware, especially 0-day threats, is very poor. It is for Windows 8 buyers to decide if this trade off is worth the risk.

  5 Responses to “How Does Windows 8 Defender Compare To Other Antivirus Products?”

  1. Am typing on my phone’s screen so apologies if words etc missing.

    I currently subscribe to Which? the UK consumer advice organisation. TL has referred to Which? findings and articles occasionally.

    Worryingly the latest Which? Computing magazine has an article which, following their own tests and research of 18 security software options, goes against all the findings of the research behind your article above and related/connected ones.

    You will remember the tests behind your article failed to certify the Windows security engine, rated Kaspersky the highest overall, while Avast pretty much beat all unpaid rivals (by a small margin).

    I have had a lot of respect for Which? and the knowledge underpinning their reviews. The article I refer to, however, gives Windows 8 the leading position in security with a score of 92%, followed by MSE at 87%. Next the first if the priced AV is Bulldog with 84%. Kaspersky is ranked 10th with 73% below free versions of Avira and Zone Alarm. Meanwhile Avast comes in LAST with just 46%!

    I am unsettled and a little shocked by their article. Surely little has changed in the world of AV since the tests TLs articles refer to were carried out (that is a question TL could answer maybe?)

    The conclusion otherwise is that Which? do not know what they are talking about. This is what unsettles me. The poor standard of research behind their article is what shocks me. They dont even mention MBR or rootkits or seem aware that the MBR can be specifically targetted/protected.

    So, this article of theirs jeopardises all they stand for really. Maybe TL can tell me that there HAVE been some recent changes? Please..

    • Their conclusion is Whichcraft – flies in the face of leading independent AV test companies around the world (plus the experience of techies).

      Seriously, it may be a reasonable mag to read but testing AV software isn’t something they can just ‘have a go at’ in the same way as they might test printers by printing a few pics… I’ve no idea how/what they tested but the results speak for themselves – no, MSE has not suddenly improved (in fact it just failed AV-Test certification for the second time running…)

      If they scored only based on ease of use or impact on PC speed then MSE might well be top as it is so lightweight – but there’s a reason for that…

      • Thanks for the update Roy. I didn’t think much could really have changed.

        The issue (for those who refer to Which?’s judgment) is actually pretty serious. The thing is you see, rather than it being something they have decided to ‘have a go at’ as you put it, they DO have a specialist computing/IT department. In fact, it is possible to subscribe to them only for Computer Advice – or Legal Advice or 3 or 4 other specialised sections within the Which? knowledge bank.

        However, it also as you suspect, that their weighting lies heavily on other issues, such as ease of use.

        In fact OMG I am just referring to it now and OMG this explains everything. The test scores are based on Features (5%), Ease of Use (55%) and Performance (40%).

        Idiots, they have gone down so much in my estimation because of this. They are are so big on the this Ease of Use thing in everything they review, but surely there comes a time to recognise putting that before other factors can actually jeopardise the whole shebang.

        Well, I wont cancel my subscription just yet but this is strike one!

  2. I have always used Kaspersky Security in the past but since buying Windows 8 I decided to initially use their defender antivirus.
    It’s been 6 months now and I have never had any problems with spyware or virus’s etc and I do often visit some dodgy sites.
    It also updates at least once a day.
    Just to make sure I do manually run Malwarebytes every so often and it has never found any infections at all so I can only assume that Defender is doing it’s job pretty dam good.

  3. In my opinion Microsoft offers minimum protection for those who simply don’t want to mess with security. I commend Microsoft for finally making something that does not make some users feel they would rather do without security by making it non intrusive. The trade off seems to be a lacking of proper detection of newer viruses and malware which does concern me. Is Microsoft Security Essentials and Windows 8 Defender giving users somewhat of a false sense of security? Nothing is 100% in PC security, zero day and the frequent changes made to malware exploits cause even the best security suites to catch everything. Heuristic detection is not a exact science and I also question the effectiveness of quick scans over full scans. I think much of this was done again to satisfy the end user and to avoid security suites from becoming annoying and causing the user to uninstall them. If you were creating malware or a virus, you could easily avoid installing your malware in areas where the quick scan would detect it. For Microsoft to succeed in the security department. I think its products need to at least be as good as the best free third party stuff out there. Otherwise, Microsoft is doing a disservice to its users.