15% of Malware Can Get Past Windows 8’s Defender, Experts Find

AlexNguyen

Source: 15% of Malware Can Get Past Windows 8?s Defender, Experts Find - Softpedia

Researchers have made comparative tests to determine the differences between Windows 7, Windows 8, and Windows 8 with Windows Defender enabled. To ensure the accuracy of the tests, the operations have been carried out in a controlled environment with no third-party security solutions installed.

Of the 385 pieces of malware, 322 were immediately deleted by Windows Defender on Windows 8. On the other hand, 61 samples were able to evade detection.

Roguetadhg

how about W7?

The article says that W7 did worse than W8. I was expecting a blast against W8 that 15% is a bad number.

385 malware samples, selected based on popularity criteria, have been utilized in the experiment.

Windows 7, 262 of the malware samples were successfully executed.
Windows 8, ... 234 were successfully run,

Akaricloud

That's actually a pretty low number IMO. The problem is it's quite easy to write around any one AV solution and of course people making these know this and write around the most common ones.

It's always going to be a problem with any integrated AV protection that Microsoft offers.

tpatt100

I think that's better than the smartphone malware programs. I don't assume they are 100 percent but 15 percent of "known" malware is a problem though.

it_consultant

Better than the 0% effectiveness that Windows 7 gives you when people are too cheap to update their AV. Almost every virus I have ever cleaned would have been stopped by MSSE.

sratakhin

Was Windows 7 tested with just Windows Defender or MSE?

it_consultant

MSSE = Windows 8 Defender.

sratakhin

I wouldn't trust any vendor-sponsored research. This one was performed by BitDefender, so they obviously have interest in making people buy third-party solutions.

WafflesAndRootbeer

MSE gets my recommendation. Want to secure a Windows laptop? Follow the appropriate guidelines for doing so and do NOT run an Admin account full-time or give everyone Admin rights on their accounts. I keep my family's computers locked down like that now and it's really cut down on my time wasted fixing their problems from rogue software.

ptilsen

It's much better than nothing, but I agree with Akaricloud that even a bad malware writer is probably going to take the time to get around the built-in defense. It will be effective while Windows 8 has low market share, but as Windows Defender becomes standard, eventually all malware will circumvent it. The reason MSE is effective at all is because most Windows PCs are not running it. Thus, even though it is Microsoft's free offering, it doesn't represent a large enough "threat" to the malware to bother coding for it.

Ultimately, I will pretty much always go with a third-party solution for this reason. Unless we start seeing Windows Defender beating the better third-party solutions, it doesn't make sense to me to not use third-party.

Not running as local admin unfortunately doesn't stop all threats. Neither does antivirus or constantly patching every likely attack vector. However, a combination of the above greatly reduces the risk. I think MS has been on the right road since first introducing UAC with Vista, frankly. Moving to an app-style system is ultimately the right approach, so long as MS maintains some level of control over its app store. For everyday consumers, the combination of everything MS is doing is definitely going to help a lot.