Microsoft Antivirus Tied for Last in Malware Tests
Microsoft's built-in Windows Defender antivirus software does well against known malware, but gets an F from an independent lab in stopping the newer stuff.
Windows 10 added a lot of security enhancements to ordinary PCs, but perhaps it hasn't added enough. Most third-party antivirus software still does better than Microsoft's built-in defenses at protecting computers from new strains of malware, although Microsoft has caught up in stopping better-known bugs.
That's according to the latest results from German independent lab AV-TEST, released today (Nov. 30). Among 22 products tested, Microsoft's Windows Defender came in dead last at stopping new "zero-day" malware that had never been seen before. More than 10 percent of zero-day bugs slipped past Defender, while the average antivirus product let only about 1 percent pass.
Windows Defender was much better at stopping regular kinds of malware, catching about 99.7 percent of it, a hair above average. Worst in that category was Comodo Internet Security, which stopped only about 93.5 percent of prevalent malware; every other product tested caught at least 99.5 percent.
MORE: Best Antivirus Software and Apps
AV-TEST's new rankings were topped by Avira Antivirus Pro and Kaspersky Internet Security, which scored a perfect 6 points each in three equally weighted categories: protection, performance (impact on a computer system's speed) and usability. Just behind were Bitdefender Internet Security, Quick Heal Total Security and Trend Micro Internet Security, which each got dinged half a point on system-performance impact. (Quick Heal licenses Bitdefender's signature-based malware-detection engine, but uses its own behavioral detection for previously unseen malware.)
In terms of protection against malware, three products scored perfectly, stopping 100 percent of all malware: Bitdefender, Trend Micro and Norton Security. Just behind them were Avira and Panda Security Free Antivirus, which each caught 100 percent of zero-day malware, but only about 99.6 percent of widespread malware.
In antivirus software, what matters isn't how much you stop, but how much you let through. A score of 95 percent isn't an A, but more like a C-plus, as it's 25 times worse than a score of 99.8 percent.
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
That makes Windows Defender's zero-day score of 89.0 percent a pretty bad F. Defender is included with Windows 8.1 and 10, and it has been slowly improving, but it's still a stop-gap solution aided greatly by under-the-hood Windows 10 security enhancements. Until Microsoft develops dynamic defenses against zero-day malware, Windows users will do much better to install and run third-party software that updates itself.
In Tom's Guide's own tests, we've found that Bitdefender generally has a smaller system impact than Kaspersky, although we're comfortable recommending either brand for Windows users. The same goes for Avira (which makes an excellent free product), Norton and Trend Micro.
Each brand uses one malware engine for all its own Windows products. Those products differ on features, not protection, and are tailored to customers with different needs. For more information, consult our Antivirus Software Buying Guide.
Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at FoxNews.com, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.