Microsoft Defender antivirus review – is it good enough to protect your PC?
Microsoft Defender (former Windows Defender) is a free built-in antivirus for Windows OS. It offers such features as threat scanners, firewall and network protection, account protection, and device security.
It is a convenient antivirus solution for Windows users and has a bunch of security features centered around the device and online protection from spyware, adware, ransomware, and other malware. The fact that Windows Defender comes built-in and completely free for all Windows devices also adds to the universal appeal of the antivirus software.
However, is Windows Defender really good enough to protect your data? The answer is no. Despite its convenience and somewhat acceptable protection rates, Microsoft Defender is lacking when it comes to dealing with more serious cyber threats. The antivirus is also lacking in terms of reliable scans and secure browsing options.
In this Microsoft Defender antivirus 2023 review, we’ll delve deeper into what this antivirus solution offers, take a look at its biggest advantages, explore the shortcomings, and determine if Windows Security is actually good and worth your attention.
|🥇 Overall rank:||#3 out of #25||#20 out of #25|
|🔥 Coupons:||TotalAV coupon 84% OFF||Antivirus Coupons 2023|
|💵 Price:||from $19.00/year, 3 devices||-|
|✂️ Free version:||Yes||Yes|
|🖥️ Platforms:||Windows, Mac, iOS, Android||Windows|
Microsoft Defender pros & cons
Is Microsoft Defender antivirus safe?
Microsoft Defender antivirus is pretty safe. It has almost 100% real-time protection rates, according to independent tests. It also has additional features for device protection against malware, such as scanning, app and browser control, and account protection options. However, the scans are sometimes inaccurate and fail to detect malicious files and potentially unwanted programs.
Based on the independent tests concluded in January and February 2022, AV-Test labs evaluated Microsoft Defender protection at 100%. This is both in terms of prevalent malware and zero-day threats, including online and email threats. By contrast, AV-Comparatives tested Windows Defender in March 2022 and concluded around 99% malware threat detection and protection rates with only five false positives. Compared to top providers in the antivirus market, these are good results.
Our in-house test results also were very good – the firewall and real-time protection worked like a charm. It detected and instantly deleted 9 out of 10 zero-day threats. However, during the scanning process, for which the firewall and real-time protection have to be disabled, 10 out of 10 malicious files were allowed through, and only one Trojan was found. Essentially, the scans are pretty much nothing against zero-day threats.
All in all, while Microsoft Defender can be considered a relatively safe antivirus solution, it may not be as good as some of the other antiviruses regarded as the best in the market.
Microsoft Defender security features
Windows Security has quite a selection of security features, ranging from basic threat protection to parental controls. There is no VPN or a password manager, but considering that this is a built-in Windows security suite, this is to be expected.
Let’s take a closer look at all of the security features that Microsoft Defender offers.
Virus & threat protection
Windows Security Virus and Threat Protection is where you can find all the scans available. There is quite a selection of scans you can do: a quick scan, a full scan, a custom scan, and an offline scan.
Quick and full scans are just about what you would expect – a quick scan checks the folders where malware and threats are usually found, and a full scan goes through everything that’s on your hard disk. In some cases, the latter scan can take longer than one hour. During our tests, the quick scan went on for about four minutes, and didn’t find any of the 10 malicious files that we had downloaded. The full scan lasted for around 8 minutes and found only one out of 10 malicious files. This is very disappointing.
On top of that, we noticed some inaccuracies in the scan summaries. For example, the full scan that we did took around 8 minutes and scanned over a million files, but the scan summary claimed it was only four minutes and only 200k files were scanned.
|Quick Scan||Full Scan|
|Duration:||~4 min||<8 min|
|Malicious files found:||0/10||1/10|
|CPU load:||Max - 97%, avg - 35%||Max - 100%, avg. - 60%|
|Disk load:||Max - 100%, avg. - 90%||Max - 99%, avg. - 70%|
A custom scan allows you to choose which files and folders to check, and an offline scan is mostly for malware that could be particularly hard to find and remove. The offline scan will restart your device and could take up to 15 minutes.
In the Virus and threat protection section, there are also options for ransomware protection. You can manage access control, which protects files, folders, and memory areas from unauthorized access and changes. For further protection, there is an option to set up OneDrive, a Microsoft cloud solution, for file recovery in case of a ransomware attack.
Account protection is all about protecting your account on your particular device, as unexciting as that sounds. In order to get enhanced security and other benefits for your Microsoft account specifically, you’ll be asked to sign in. Other than that, you can also manage device sign-in options in Windows Hello, and set up a dynamic lock.
Windows Hello sign-in options include biometric logins (face-id and/or fingerprint, depending on your device), a PIN code, a physical security key, a password, and a picture-based password for those who don’t fancy words or numbers that much.
To use the dynamic lock, you’ll have to pair some devices with your PC, such as your phone. Windows will then use these devices to know when you are physically away from your PC and lock it.
Firewall & network protection
Microsoft Defender Firewall and Network protection is the place where you can manage and disable or enable the firewall on different networks, including domain, private, and public networks. Domain networks may include workplace or school networks, private networks usually are your home network, and public networks are those that require the most rules and security, namely networks in airports, cafes, etc.
Other firewall options include allowing an app through a firewall, which is convenient in the case of detected false positives such as flagging, say, a VPN app as suspicious. You can also troubleshoot the network and internet in case something on your device isn’t working.
In the event that you have other security applications installed, you can manage them in the notification management tab. And if you find Microfot Defender notifications to be a little too frequent, you can also choose what information you want to be notified about.
Furthermore, if you’re not satisfied with the protection that default firewall settings provide, you can tweak them yourself by going to advanced settings. There, you can find options to regulate inbound (coming to your device from the network and the internet) and outbound (going from your device to the network and the internet) traffic rules, connection (between your and another device) security rules, and monitor the activities of the firewall.
App & browser control
The app and browser control section in Windows Security includes reputation-based protection, an isolated browsing option, and exploit protection. All of these settings are essentially centered around protecting your device from potentially unwanted malicious activities, be it websites, apps, files, or straight-up malware.
Reputation-based protection is a collection of settings that check unrecognized applications and files that come from the web, as well as SmartScreen for Microsoft Edge browser which blocks malicious sites and downloads. There is also an additional potentially unwanted app blocking option, specifically for applications that have a low reputation. You can choose to either block ads, downloads, or both.
Isolated browsing is just what it says on the tin – the so-called Microsoft Defender Application Guard opens up the Edge browser in an isolated environment for secure browsing.
Exploit protection is designed to help protect your device against attacks. Its settings are all set up in the way that Windows claims is best for most users. If we take a closer look at exploit protection settings, it becomes clear that an average Windows user without advanced technical knowledge will probably be a bit lost. Nevertheless, here you can tweak numerous system settings ranging from securing program code execution to process termination in case of corrupted memory, and customize program settings.
Microsoft Defender device security concerns the security of the core parts of your computer, whatever they may be. Core isolation, security processor, and secure boot all work to ensure the utmost protection of your device.
However, it seems that these functions are mostly here for show as there is not much customization available. In core isolation, you can turn on and off the memory integrity, which is responsible for preventing malicious code insertion into high-security processes. The security processor section displays the specifications and status of the processor. There is also an option for troubleshooting.
As for the secure boot, it seems that this feature is always enabled without an option to turn it off. And maybe that’s a good thing, as it prevents malicious software from loading when the device is starting up. Given that there is malware on your computer in the first place.
Device performance & health
The device performance and health section isn’t anything more than what’s in the title. It includes a health report on Windows time service, storage capacity, battery life, and apps and software.
Besides that, there is also an option for a fresh start. Much like scraping your identity and starting a new life somewhere in Uruguay, this is an option to install Windows OS anew in order to improve startup and shutdown, memory usage, store apps performance, browsing experience, and battery life. The process “will keep your personal files and some Windows settings, and remove some of your apps,” as stated under the fresh start section.
Family options in the Microsoft Defender include parental controls and health monitoring of your family’s devices. You can’t control any of the settings or view the devices’ health on the application. Instead, you have to do it from your Microsoft account on the web.
The parental controls settings include kid protection online – setting permissions on what kind of websites the kids can visit, given that they’ll be using Microsoft Edge. There is also an option to control screen time and get weekly reports about the kids’ online activities. And as for using, downloading, and/or purchasing apps, you can also set some permissions and restrictions.
Ease of use and setup
Windows Defender, now officially known as Microsoft Defender or Windows Security, comes already built-in with any Windows device, meaning that there’s not much setting up to be done. You don’t need to purchase a subscription or download and install anything.
The only things that are recommended you do are logging in to OneDrive, the Windows cloud solution, and enabling the firewall, which takes just a few clicks anyway.
Nevertheless, let’s take a closer look at the Microsoft Defender interface.
Microsoft Defender interface
Microsoft Defender is a Windows-only feature, meaning that it’s not available on other operating systems, so we will be reviewing the one and only Windows interface.
When it comes to reviewing the user interface of any app, it’s important to note that it’s very subjective. Some users might appreciate some color and fun animations here and there, and some prefer black text on a white background and don’t wish for anything more.
That being said, the Microsoft Defender interface is nothing spectacular. It definitely is very minimal and doesn’t have any eye-catching elements or an exciting color palette. Despite that, it is very functional and easy to navigate. The home page, or the so-called Security at a glance, displays all of the features and management areas, as well as tiny checkmarks or warning signs, depending on whether everything is alright or if you need to take action in that area. You can also navigate to different features using a sidebar menu.
As for the scans, compared to some other providers that offer some sort of animations or at least a little bit interesting loading screens, Windows Defender does none of that. Instead, it makes the scans “look like hard work, which calls for depression,” as per our research team’s words. While this may be an extremely subjective opinion, we believe it is called for.
Microsoft Defender customer support is not particularly advanced, but seeing as it is relatively simple to use, this may not be a bad thing. In the application itself, there’s a sidebar menu with options to give feedback, get help, and access community videos.
Choosing to get help opens up another window with the most common questions and a search bar if you have some other specific problem. This knowledge base is pretty easy to navigate, and if the suggested solutions don’t help with your problem, you can always get more suggestions by clicking “No” under the “Did it solve the problem?” question at the bottom.
The community videos are sorted by features, and all offer a brief overview of a particular feature, which is also pretty helpful.
If you want to contact Microsoft Defender support, you need to sign in to your Microsoft account. Unfortunately, live admin support is only available for business accounts.
In this video, we compare Windows Defender to some of the best free alternatives and settle the question whether it's good enough for Windows 11:
Is Microsoft Defender any good?
Microsoft Defender is a good enough option for basic antivirus protection. It has a very strong firewall and a good number of features for the program and device security. However, the scanning performance is very poor, and secure browsing is only possible with Microsoft Edge.
And even if the Edge-only approach to online security is something that most users can get behind, there are other issues, too. Some of the features, such as ransomware protection and family options, are only available when signed in to your Microsoft account. Without that, you won’t be able to use the OneDrive cloud for backing up your files, and you won’t be able to see what your kids are up to when left to their own devices.
In conclusion, while Windows Security might be somewhat acceptable and convenient, Windows users who wish for a bit more rounded protection will probably be better off with some other antivirus software. Foolproof, all-encompassing, and trustworthy device and online security is not something that Microsoft Defender can offer.
Alternative antivirus programs to Windows Defender
Microsoft Defender might be the default antivirus protection for your PC, but it definitely isn’t the only one. If you find that Windows Defender does not offer adequate protection and security for your device, consider other antivirus options. Below are three providers that we found to have the best features and unbeatable protection rates:
- TotalAV – 100% protection rate for your Windows PC
- Bitdefender – excellent virus scanning capabilities for Windows
- Norton 360 – extensive protection feature suite for Windows PCs
Other antivirus program reviews:
Is Microsoft Defender enough for personal use?
Yes, Microsoft Defender is a good enough choice for basic protection against malware. However, if you want more rounded device protection against online threats, there are much better antivirus options available. We recommend Bitdefender, as it offers best-in-class protection and many additional features that Windows Defender doesn’t have.
Do I need another antivirus if I have Microsoft Defender?
Yes, we recommend getting another antivirus even if you have Microsoft Defender. Microsoft Defender is a good choice for frontline protection, but it is lacking in some features. A combination of quality antivirus software and Windows Defender would be the best for the security of your device.
Can Microsoft Defender remove malware?
Yes, Microsoft Defender Firewall removes malware as soon as it detects that you’ve downloaded a malicious program. Microsoft Defender virus and threat protection allows the user to choose to either put malware in quarantine or delete it.
Is Microsoft Defender better than free antivirus?
It depends on what kind of free antivirus you have. Most free versions of premium antiviruses are better than Microsoft Defender, but if the antivirus is completely free and doesn’t have paid plans, chances are that you’ll be better off with Microsoft Defender.