Expert's Rating
Pros
- Built into Windows 10 and 11
- Settings are easy to review and customize
- Integrates with other security aspects of Windows
Cons
- Tends toward false positives, especially with SmartScreen
- Lacks the advanced features found in third-party products
Our Verdict
Microsoft Defender provides basic but helpful protection against malware, ransomware, and other threats. The AV tool neatly integrates with other Windows features to offer more comprehensive security. And it’s built into Windows and free.
The common perception is that paid security products from third parties must be more effective than any security built into an operating system like Windows. That may have been true in the past. But over the years, Microsoft has beefed up the security features that come with Windows. Beyond just basic antivirus protection, Windows 10 and 11 both include a healthy lineup of other tools designed to protect your PC, your files, and your online activity from malicious threats.
Note: Go to our roundup of the best antivirus for PC to learn about competing products, what to look for in an AV suite, and product recommendations.
Windows Security: Features
Known collectively as Windows Security, the built-in defenses start with the Microsoft Defender antivirus tool. Defender automatically resides in memory to offer real-time protection against malware. But you can run a variety of on-demand scans, including a quick scan, a full scan, a custom scan of specific folders and locations, and even an offline scan to hunt for rootkits and other malware that’s otherwise difficult to remove.
Lance Whitney / Foundry
By default, any malicious items are automatically quarantined. Microsoft Security keeps track of all threats via its Protection history. Here, you can view new, quarantined, and cleaned items and also see recommendations on settings you may want to enable or configure to enhance your security.
Lance Whitney / Foundry
The customizable settings for Microsoft Security are quite thorough with real-time protection and the latest cloud-delivered protection both enabled. If you run into a suspicious file, a link helps you submit the sample to Microsoft for analysis. A feature called Tamper Protection tries to prevent malicious apps from changing and thereby thwarting the security settings for Microsoft Security. Further, you’re able to exclude specific files, folders, and processes that you don’t want scanned.
Also part of Microsoft Security is ransomware protection. This protects certain files, folders, and areas of memory from unauthorized access and changes by malicious or suspicious apps. You can view the folders that are automatically protected this way and add additional folders you want secured. To help with data recovery in the event of a successful ransomware attack, Microsoft steers you to its own OneDrive backup and syncing service with a specific option for recovering any compromised files.
Beyond Microsoft Defender, Windows Security ties in with other aspects of the operating system. Under Account protection are links to view your Microsoft account, set up Windows Hello authentication for fingerprint or facial recognition, and enable Dynamic Lock to automatically lock your PC when you leave with your smartphone in hand.
The built-in firewall is automatically enabled for domains, private networks, and public networks. You can easily allow a specific app through for a private or public network. You’re also able to access advanced firewall settings through a snap-in module where you can customize existing rules and create new firewall rules.
Lance Whitney / Foundry
Microsoft’s SmartScreen feature aims to stop potentially malicious, suspicious, or low-reputation apps, websites, and file downloads. However, SmartScreen has a history of false positives to the point that some people end up disabling it, which obviously defeats its purpose. Exploit protection tries to block malware that takes advantage of vulnerabilities to infect your system. Also in the lineup is Device security, which taps into your PC’s built-in hardware security defenses to combat malicious code and other threats.
The overall Windows Security dashboard is well designed, offering access to each of the different features. In Windows 10, go to Settings > Update & security, and then Windows Security. In Windows 11, go to Settings > Privacy & security, and then Windows Security. From there, either click the button for Open Windows Security to view and access the different tools, or click a specific tool to view or use it.
Lance Whitney / Foundry
Windows Security: Performance
The usual test files from the EICAR testing site prompted security responses from Microsoft Defender, though the results differed slightly by browser.
In Microsoft Edge, clicking each of the test files triggered a warning from SmartScreen that the site was unsafe. The eicar.com, eicar.com.txt file, and the eicar_com.zip file were all prevented from being downloaded as Defender labeled them unsafe. And the eicarcom2.zip file was blocked with a notice that a virus was detected.
In Chrome, I was stopped from trying to save each of the four files because a virus was detected. In Firefox, I was able to save each of the files. But when I tried to run or open them, Microsoft Defender prevented the action, telling me that it found a virus or potentially unwanted software.
An AV-Test review from November/December of 2022 gave Microsoft Defender grades of 6 out of 6 for protection and usability, and 5 out of 6 for performance. Testing from AV Comparatives in from September and October of 2022 awarded the program generally good grades but knocked it down a few points for too many false positives and a low offline detection rate. A December 2022 analysis from SE Labs gave Microsoft Defender top grades for protection and accuracy.
Windows Security: Bottom line
Overall, Windows Security offer several benefits. Beyond the Windows Defender antivirus protection there are other solid security features. The settings are easily accessible and customizable. And since the protection is built into Windows, you don’t have to install anything. If you need more features, such as a VPN, encrypted cloud backup, or online privacy tools, a third-party program is still the way to go. But for basic protection and then some, Microsoft Security is quite capable.
Editor’s note: Because online services are often iterative, gaining new features and performance improvements over time, this review is subject to change in order to accurately reflect the current state of the service. Any changes to text or our final review verdict will be noted at the top of this article.