Now, Microsoft had its hard work with Defender validated yet again -- for the most part. Another independent testing lab, AV-Comparatives, has published its September 2019 malware protection report, and Windows Defender is one of the antivirus (AV) solutions tested.
Defender boasted an online protection rate of 99.96 percent, which puts it in the top 10 AV programs examined by AV-Comparatives. However, it's worth noting that the overall results do not (with one major exception, which we'll get to in a moment) vary significantly from program to program. For example, Defender managed to successfully block 10,552 pieces of malware (out of 10,556), but even the lowest-ranked program -- Total Defense -- blocked a respectable 10,537.
With that said, given the devastating effects even one piece of malware can have on a system, it's certainly worth going with one of the best. In this particular test, Avast, AVG, and Trend Micro take that crown, with 100% protection rates. The "worst" programs for virus protection were McAfee (99.82 percent) and the previously-mentioned Total Defense (99.82 percent).
Now, detection rates are another story. As part of their test, AV-Comparatives thought it would be wise to see how "cloud-reliant" each AV program is. In other words, the group wanted to see how effective the software is at blocking malware without an active connection to the internet.
Unfortunately for Microsoft, Defender faltered in this category. Its offline malware detection rate sat at just 29.7 percent, which is better than Panda Antivirus (28.6 percent) and Trend Micro (20.9 percent), but not by much. For reference, Avast's offline detection rate was 97.4 percent. When we look at the online detection rates, Microsoft's results are much better at 76.3 percent, but they still fall behind the rest of the pack (all of which surpassed the 92 percent mark).
If you're a bit confused about what the difference between protection and detection is, here's AV-Comparatives' explanation:
This Malware Protection Test checks not only the detection rates, but also the protection capabilities, I.e. the ability to prevent a malicious program from actually making any changes to the system. In some cases, an antivirus program may not recognise a malware sample when it is inactive, but will recognise it when it is running.
So, in short, a lower detection rate (such as the 76.3 percent figure quoted before for Defender) is not necessarily the sole marker of a bad or ineffective piece of AV software. Defender might not catch all viruses when they lie dormant, but it'll almost certainly do so when they try to actively harm to your system.
Another metric that prevents Defender from snagging the #1 antivirus spot is its false positive detection rate. As part of its report, AV-Comparatives gave each participating AV program a set of clean files to scan, and took note of how many items were incorrectly flagged as malicious (the total number of files is unknown).
During the "False Alarm" test, Microsoft flagged 13 false positives, putting it in the "many FPs" category (albeit on the low end -- the worst offender tagged 40). Avira, Eset, and Kaspersky performed the best here: Avira only flagged one false positive and the latter two detected none.
All in all, despite a few hiccups, Windows Defender is still one of the best antivirus programs out there, and it's relatively non-intrusive as far as free software goes...
All in all, despite a few hiccups, Windows Defender is still one of the best antivirus programs out there, and it's relatively non-intrusive as far as free software goes (you won't be harassed to shell out cash for a paid upgrade). In AV-Comparatives tests, Defender managed to earn the two-star "Advanced Malware Protection" rating, alongside Panda, Kaspersky, F-Secure, and a few others.
However, the software is not perfect, and Microsoft clearly still has a ways to go in the offline virus detection department. We hope the company improves this aspect of its security software moving forward.