A decade ago, Microsoft launched a free-standing, ultra-lightweight virus scanner called “Security Essentials”. Since then it’s been not only renamed but progressively absorbed into Windows, to the extent that Defender no longer exists at all as a program in its own right: type its name into the Windows 10 Start menu and you’ll simply be directed to the main Security page in the Settings app.
Still, if you’re looking for the functions that used to comprise Defender, they’ve been shunted onto the “Virus & threat protection” page and have picked up a few new tricks along the way. Signatures are regularly downloaded via Windows Update, while a cloud protection feature can identify the latest threats even if they’re not in your database. Another addition is the offline scan function, which reboots your computer and carries out a forensic inspection of your hard disk from outside of Windows, leaving viruses with nowhere to hide.
Basic scans are supplemented by a few technologies designed to tackle ransomware head-on. Windows SmartScreen, which is enabled by default, pops up an alert when you try to install an unrecognised program, which should help slow the spread of trojan downloads – and if you insist on going ahead, Controlled Folder Access blocks untrusted apps from writing to your personal folders, unless you’ve whitelisted them. This latter feature isn’t switched on automatically, presumably to ensure legacy apps don’t run into problems, but it’s well worth enabling.
As a last resort, Windows will also prompt you to store your files in OneDrive, so you can roll back to previous versions if the originals are maliciously encrypted. While the principle is sound, it’s a bit icky to see Microsoft exploit the opportunity to promote its cloud service, especially since it actually does very little to help with the challenges of ransomware: the onus of ensuring your files are uploaded in the first place remains squarely on your shoulders, and if disaster does strike you’ll have to manually browse through your cloud files to find older versions to recover. You might as well use any other backup or cloud sync service.
Two other major features flesh out Windows’ integrated offering. One is the Windows Firewall, which lets you selectively lock down public and private networks, or grant access to specific apps. The odds are you’ll never need to, however, because the firewall does a fine job of keeping intruders out without any need for human interaction. There’s a reason why many third-party suites don’t even bother offering their own firewall any more.
Finally, there’s Windows’ parental controls. Microsoft doesn’t make a lot of noise about these, but Windows 10 gives you the ability to set screen time schedules and limits on kids’ laptops and Xbox consoles, monitor their online activity and even track their location – as long as they’re running the Microsoft Launcher on an Android smartphone. You can also block “inappropriate” sites, although there’s no granularity to this, nor any transparency into exactly what’s deemed unacceptable.
With all this bundled into the price of your Windows licence, it’s understandable if you’re tempted to stick with Defender as your security solution. Doing so means never having to worry about subscriptions, and keeps the number of intrusive pop-ups to a minimum: for the most part, it runs silently and invisibly in the background.
It must also be acknowledged that Defender and its companion modules do a fair job of keeping you safe. A few years ago, the software suffered from very poor malware detection rates, but it’s clawed its way up to a solid, mid-table protection score of 99.5%.
Even so, we’ve some reservations. For one, Defender is hands-down the worst performer we’ve seen recently when it comes to false positives, wrongly blocking or warning testers away from more than 30 harmless programs and websites. That might not bother you if you’re confident enough to recognise when your security software has made a mistake, but really that’s not a call you should ever have to make.
Second, Defender may look and feel lightweight, but it has quite an impact on system performance. AV-Test found that it slowed down the launch of standard software applications by 11%, while AV-Comparatives observed that it had a measurable impact on file-copy and installation operations: across all third-party tests only BullGuard was slower overall. We’re not saying that Windows Defender is a disaster by any means, but there are plenty of alternatives, both free and paid-for, that will give you sharper, smarter protection and actually make your PC run slightly faster.
