Monday, May 2, 2011

Should I keep Windows Defender?

Note: This is an opinion article. It is based entirely on my personal thoughts on the products and not on any facts. You are free to form your own opinion on Windows Defender and its use.

Since the release of Windows Vista, all Windows operating systems have come with a basic anti-spyware program known as Windows Defender. However, because Windows Defender does not provide anti-virus protection, the question was asked, "Should I keep Windows Defender?", and the question is still highly debated today in different computer security forums.

I personally think that to answer this question you first need to know a little more about it. A lot of the time people compare Windows Defender to products such as Malwarebytes Anti-Malware and SuperAntispyware; however, I don't think they should be compared. I personally don't think they were made to be used the same way. SAS/MBAM are updated a couple of times a day, while Windows Defender is only updated a few times a week through Windows Update. I don't think Windows Defender's goal is to keep you safe from every new threat coming out, but to keep you safe from adware, bots, and some rootkits, and to give you a warning sign when you are infected. What do I mean by warning signs? Sometimes a normal everyday user does not know whether they are infected and goes by when their AV product alerts them to something. Every once in a while I see someone get infected by a bot, and the only sign they have that they are infected is a Windows Defender alert; the user then knows they are infected and heads to one of the malware removal sites to get help. Although Windows Defender may not be one of the quickest to detect something, it's better than nothing.

Windows Defender also has some other cool features (in some versions) that seem to have worked well. Windows Defender contained a "light HIPS" that would block some programs on boot if it detected them to be suspicious. That always seemed to work OK on some types of threats. Another feature that worked nicely was SpyNet. SpyNet is a Microsoft service used to collect data on the behavior of possible malware files. Since so many computers use Windows Defender, the data collected can help when it comes to malware removal tools such as MRT. Microsoft's monthly MRT update helps remove many common infections each month when users update their machines. Also, on the Windows Vista/XP version, Windows Defender contains a startup explorer that lets you see what loads with your computer through an easy-to-use UI.

So is Windows Defender worthless? In my opinion, no; it's still updated a few times a week and has blocked infections on users' machines. The product still gets engine updates when Microsoft updates Microsoft Security Essentials. However, I still recommend running an AV because Windows Defender should not be your only product. I recommend Panda Cloud Antivirus to use as an AV.

  1. thanks for the article, very nice! my question is: to whom would you recommend WD? personally, i belong to the group (not the militant one) saying NO to WD. speaking of typical end-users, i can imagine WD only on machines running AV + built-in Win FW with no other line of defense & not willing to bother with any other security app/tool (probably even then i would hesitate to advise keeping WD enabled). otherwise i would disable WD. note: my opinion on this is also purely personal, based on my assumptions, limited experience, knowledge & IT security philosophy ;)

  2. If the user is only running an AV and Windows Firewall, I think it would still be a good idea to run Windows Defender. I personally don't believe in putting all my trust in one product; however, that's just me personally.

  3. "I personally don't believe in putting all my trust in one product, however that's just me personally."

    i think this is the common consensus among IT security experts & enthusiasts, isn't it? however, they (we) should not forget it is also about usability. over-layered protection (zillions of apps) would cause the user nothing but nightmares :)

  4. Good point, I think I will write a blog post on that so everyone can gain a little insight on that.