We may earn affiliate commissions for the recommended products. Learn more.

Microsoft Defender antivirus review

Microsoft Defender (former Windows Defender) is a free built-in antivirus for Windows OS. Microsoft Defender is a part of Windows Security – a built-in app for Windows 10 or 11 to keep your device more secure. Microsoft Defender is an antivirus tool in the Windows Security app that offers features like real-time alerts and firewall and network protection.

The fact that Windows Defender comes built in the Microsoft 365 package also adds to the universal appeal of the antivirus software.

However, is Windows Defender really good enough to protect your data? The answer is no. Despite its convenience and somewhat acceptable protection rates, Microsoft Defender is lacking when it comes to dealing with more serious cyber threats. Even some free contenders offer better protection, compared to Microsoft Defender. The antivirus is also lacking in terms of reliable scans and secure browsing options.

Best alternative to Microsoft Defender antivirus
TotalAV is the best antivirus alternative to Microsoft Defender. It has a free plan, excellent malware protection rates, and real-time security from threats while browsing.
cybernews® score
4.9 /5

In this Microsoft Defender antivirus 2024 review, we’ll delve deeper into what this antivirus solution offers, take a look at its biggest advantages, explore its shortcomings, and determine if Microsoft Defender is actually good enough to protect your computer.

TotalAVMicrosoft Defender
⭐ Rating:
🥇 Overall rank:#1 out of #25#20 out of #25
🔥 Coupons:TotalAV coupon 80% OFFAntivirus Coupons 2024
💵 Price:From $19.00/year-
✂️ Free version:YesYes
🖥️ Platforms:Windows, macOS, iOS, AndroidWindows
Best Microsoft Defender Alternatives

Microsoft Defender pros & cons

Is Microsoft Defender antivirus safe?

Microsoft Defender antivirus is pretty safe. It has almost 100% real-time protection rates, according to independent tests. It also has additional features for device protection against malware, such as scanning, app and browser control, and account protection options. However, the scans are sometimes inaccurate and fail to detect malicious files and potentially unwanted programs.

Based on the independent tests concluded in November and December 2023, AV-Test labs evaluated Microsoft Defender protection at 100%. This is both in terms of prevalent malware and zero-day threats, including online and email threats. By contrast, AV-Comparatives tested Windows Defender in October 2023 and concluded around 99% malware threat detection and protection rates with only three false positives. Compared to top providers in the antivirus market, these are good results.

windows defender av-test results

Our in-house test results also were very good – the firewall and real-time protection worked like a charm. It detected and instantly deleted 9 out of 10 zero-day threats. However, during the scanning process, for which the firewall and real-time protection have to be disabled, 10 out of 10 malicious files were allowed through, and only one Trojan was found. Essentially, the scans are pretty much nothing against zero-day threats.

All in all, while Microsoft Defender can be considered a relatively safe antivirus solution, it may not be as good as some of the other antiviruses regarded as the best in the market.

Microsoft Defender security features

Microsoft Defender has quite a selection of security features, ranging from basic threat protection to parental controls. There is no password manager, and there’s a very limited VPN available only for Android, but considering that this is a built-in Windows security suite, this is to be expected.

Let’s take a closer look at all of the security features that Microsoft Defender offers.

Virus & threat protection

Windows Security Virus and threat protection is where you can find all the scans available. There is quite a selection of scans you can do: a quick scan, a full scan, a custom scan, and an offline scan.

Windows Defender AV scan options

Quick and full scans are just about what you would expect – a quick scan checks the folders where malware and threats are usually found, and a full scan goes through everything that’s on your hard disk. In some cases, the latter scan can take longer than one hour. During our tests, the quick scan went on for about four minutes and didn’t find any of the 10 malicious files that we had downloaded. The full scan lasted for around 8 minutes and found only one out of 10 malicious files. This is very disappointing.

On top of that, we noticed some inaccuracies in the scan summaries. For example, the full scan that we did took around 8 minutes and scanned over a million files, but the scan summary claimed it was only four minutes and only 200k files were scanned.

Quick ScanFull Scan
Duration:~4 min<8 min
Files Scanned:355,5481,112,920
Malicious files found:0/101/10
CPU load:Max - 97%, avg - 35%Max - 100%, avg. - 60%
Disk load:Max - 100%, avg. - 90%Max - 99%, avg. - 70%
Memory load:30%50%

A custom scan allows you to choose which files and folders to check, and an offline scan is mostly for malware that could be particularly hard to find and remove. The offline scan will restart your device and could take up to 15 minutes.

In the Virus and threat protection section, there are also options for ransomware protection. You can manage access control, which protects files, folders, and memory areas from unauthorized access and changes. For further protection, there is an option to set up OneDrive, a Microsoft cloud solution, for file recovery in case of a ransomware attack.

Account protection

Account protection is all about protecting your account on your particular device, as unexciting as that sounds. In order to get enhanced security and other benefits for your Microsoft account specifically, you’ll be asked to sign in. Other than that, you can also manage device sign-in options in Windows Hello, and set up a dynamic lock.

windows defender account protection

Windows Hello sign-in options include biometric logins (face-id and/or fingerprint, depending on your device), a PIN code, a physical security key, a password, and a picture-based password for those who don’t fancy words or numbers that much.

To use the dynamic lock, you’ll have to pair some devices with your PC, such as your phone. Windows will then use these devices to know when you are physically away from your PC and lock it.

Firewall & network protection

Microsoft Defender Firewall and network protection is the place where you can manage and disable or enable the firewall on different networks, including domain, private, and public networks. Domain networks may include workplace or school networks, private networks usually are your home network, and public networks are those that require the most rules and security, namely networks in airports, cafes, etc.

windows defender firewall and network protection

Other firewall options include allowing an app through a firewall, which is convenient in the case of detected false positives such as flagging, say, a VPN app as suspicious. You can also troubleshoot the network and internet in case something on your device isn’t working.

In the event that you have other security applications installed, you can manage them in the notification management tab. And if you find Microfot Defender notifications to be a little too frequent, you can also choose what information you want to be notified about.

windows defender settings

Furthermore, if you’re not satisfied with the protection that default firewall settings provide, you can tweak them yourself by going to advanced settings. There, you can find options to regulate inbound (coming to your device from the network and the internet) and outbound (going from your device to the network and the internet) traffic rules, connection (between your and another device) security rules, and monitor the activities of the firewall.

App & browser control

The app and browser control section in Windows Security includes reputation-based protection, Smart App Control, and exploit protection. All of these settings are essentially centered around protecting your device from potentially unwanted malicious activities, be it websites, apps, files, or straight-up malware.

Microsoft Defender app and browser control

Reputation-based protection is a collection of settings that check unrecognized applications and files that come from the web, as well as SmartScreen for Microsoft Edge browser which blocks malicious sites and downloads. There is also an additional potentially unwanted app blocking option, Smart App Control, specifically for applications that have a low reputation. You can choose to either block ads, downloads, or both.

reputation based protection

Isolated browsing is just what it says on the tin – the so-called Microsoft Defender Application Guard opens up the Edge browser in an isolated environment for secure browsing.

Exploit protection is designed to help protect your device against attacks. Its settings are all set up in the way that Windows claims is best for most users. If we take a closer look at exploit protection settings, it becomes clear that an average Windows user without advanced technical knowledge will probably be a bit lost. Nevertheless, here you can tweak numerous system settings ranging from securing program code execution to process termination in case of corrupted memory, and customize program settings.

exploit protection windows defender

Device security

Microsoft Defender device security concerns the security of the core parts of your computer, whatever they may be. Core isolation, security processor, and secure boot all work to ensure the utmost protection of your device.

Microsoft Defender security

However, it seems that these functions are mostly here for show as there is not much customization available. In core isolation, you can turn on and off the memory integrity, which is responsible for preventing malicious code insertion into high-security processes. The security processor section displays the specifications and status of the processor. There is also an option for troubleshooting.

As for the secure boot, it seems that this feature is always enabled without an option to turn it off. And maybe that’s a good thing, as it prevents malicious software from loading when the device is starting up. Given that there is malware on your computer in the first place.

Device performance & health

The device performance and health section isn’t anything more than what’s in the title. It includes a health report on Windows time service, storage capacity, and apps and software.

Microsoft Defender health and performance

Besides that, there is also an option for a fresh start. Much like scraping your identity and starting a new life somewhere in Uruguay, this is an option to install Windows OS anew in order to improve startup and shutdown, memory usage, store app performance, browsing experience, and battery life. The process “will keep your personal files and some Windows settings, and remove some of your apps,” as stated under the fresh start section.

Family options

Family options in the Microsoft Defender include parental controls and health monitoring of your family’s devices. You can’t control any of the settings or view the devices’ health on the application. Instead, you have to do it from your Microsoft account on the web.

Microsoft Defender family options

The parental controls settings include kid protection online – setting permissions on what kind of websites the kids can visit, given that they’ll be using Microsoft Edge. There is also an option to control screen time and get weekly reports about the kids’ online activities. And as for using, downloading, and/or purchasing apps, you can also set some permissions and restrictions.

How much does Windows Defender cost?

You can get Microsoft Defender only by purchasing a Microsoft 365 Personal or a Microsoft 365 Family package. Below, you can see the differences between the two plans and what they offer:

Microsoft 365 PersonalMicrosoft 365 Family
Antivirus and anti-phishing protection (1 person, up to 5 devices)Antivirus and anti-phishing protection (6 people, up to 5 devices per person)
Identity theft monitoringIdentity theft monitoring (all family members)
Identity theft insuranceIdentity theft insurance
1 TB of cloud storageUp to 6 TB of cloud storage (1 TB per person)
Word, Excel, PowerPoint, OneNote, and more appsWord, Excel, PowerPoint, OneNote, and more apps
Ad-free secure emailAd-free secure email
OneDrive advanced file and photo protectionOneDrive advanced file and photo protection

Clearly, the plans are pretty much identical. The only difference is you get more people covered with the Family plan. Both Microsoft 365 Personal and Family plans offer antivirus protection, identity theft monitoring, 1 TB of cloud storage for each user, and other perks. Microsoft 365 Personal plan comes at $6.99/month, while the Family plan costs $9.99/month, which is a very good deal, considering it covers 6 people (35 devices in total!)

If you consider purchasing Microsoft 365 anyway, the Microfost Defender antivirus will only be a bonus. But if you don’t really need all the above things, purchasing the package only for the antivirus is not worth the money.

Ease of use and setup

Windows Defender, now officially known as Microsoft Defender on Windows Security, comes with a Microsoft 365 package, and is built-in your Windows OS, meaning that there’s not much setting up to be done. You don’t need to purchase a separate subscription for it. If you have a Microsoft 365 Personal or Family subscription, you can also get an app for your Android, iOS, or macOS device.

The only things that are recommended you do are logging in to OneDrive, the Windows cloud solution, and enabling the firewall, which is just a few clicks anyway.

Nevertheless, let’s take a closer look at the Microsoft Defender interface.

Microsoft Defender interface

When it comes to reviewing the user interface of any app, it’s important to note that it’s very subjective. Some users might appreciate some color and fun animations here and there, and some prefer black text on a white background and don’t wish for anything more.

That being said, the Microsoft Defender interface is nothing spectacular. It definitely is very minimal and doesn’t have any eye-catching elements or an exciting color palette. Despite that, it is very functional and easy to navigate. The home page, or the so-called Security at a glance, displays all of the features and management areas, as well as tiny checkmarks or warning signs, depending on whether everything is alright or if you need to take action in that area. You can also navigate to different features using a sidebar menu.

Microsoft Defender home

As for the scans, compared to some other providers that offer some sort of animations or at least slightly more interesting loading screens, Windows Defender does none of that. Instead, it makes the scans “look like hard work, which calls for depression,” as per our research team’s words. While this may be an extremely subjective opinion, we believe it is called for.

Microsoft defender scanning

Customer support

Microsoft Defender customer support is not particularly advanced, but seeing as it is relatively simple to use, this may not be a bad thing. In the application itself, there’s a sidebar menu with options to give feedback, get help, and access community videos.

Choosing to get help opens up another window with the most common questions and a search bar if you have some other specific problem. This knowledge base is pretty easy to navigate, and if the suggested solutions don’t help with your problem, you can always get more suggestions by clicking “No” under the “Did it solve the problem?” question at the bottom.

Microsoft defender help

The community videos are sorted by features, and all offer a brief overview of a particular feature, which is also pretty helpful.

If you want to contact Microsoft Defender support, you need to sign in to your Microsoft account. Unfortunately, live admin support is only available for business accounts.

Video review

In this video, we compare Microsoft Defender to some of the best free alternatives and settle the question of whether it's good enough for Windows 11:

Is Microsoft Defender good?

Yes, Microsoft Defender is a good antivirus for basic protection with a very strong firewall. It did very well in independent tests, however, the scanning performance showed poor results during our in-house research. But its extra features, like identity theft monitoring and all the Office apps, add to the appeal.

On the other hand, even if the Edge-only approach to online security is something that most users can get behind, there are other issues, too. Some of the features, such as ransomware protection and family options, are only available when signed in to your Microsoft account. Without that, you won’t be able to use the OneDrive cloud for backing up your files, and you won’t be able to see what your kids are up to when left to their own devices.

In conclusion, while Microsoft Defender might be somewhat acceptable and convenient, Windows users who wish for a bit more rounded protection will probably be better off with some other antivirus software. Foolproof, all-encompassing, and trustworthy device and online security is not something that Microsoft Defender can offer.

Alternative antivirus programs to Microsoft Defender

Microsoft Defender might be the default antivirus protection for your PC, but it definitely isn’t the only one. If you find that Microsoft Defender does not offer adequate protection and security for your device, consider other antivirus options. Below are three providers that we found to have the best features and unbeatable protection rates:

  1. TotalAV – best antivirus overall with a 100% protection rate
  2. Bitdefender – excellent virus scanning capabilities for Windows
  3. Norton 360 – extensive protection feature suite for your PC

Other antivirus program reviews: