Windows Defender review: Neither slick nor speedy, but it will keep you safe
Not the slickest or most feature-packed security suite, but it blocks viruses and stays out of your way
Pros
- Effective protection against malware
- Won’t pester you with pop-ups
- No subscription fees
Cons
- Clunky user interface
- Slower than many commercial suites
- Only works on Windows
If you’re looking for cheap, fuss-free security, you can’t do much better than the security suite that’s already built into Windows 10 and 11. Strictly speaking, the Windows Defender name only covers the antivirus and “SmartScreen” modules, while the overarching Windows Security app offers many additional protection controls, ranging from the simple to the highly technical.
Even so, the feature spread isn’t as wide as commercial security suites, and it can be tricky to find your way around the numerous modules and settings. It isn’t as fast as third-party rivals, either – plus, of course, it only works on Windows, so if you have Macs or mobile devices to protect you’ll need to look elsewhere.
On its home turf, though, Windows Defender provides strong protection against malware, and is surely the least intrusive security solution around – it runs silently in the background and barely bothers you, even when it blocks an attack. Plus, of course, you never need to deal with nagging reminders urging you to renew an expiring subscription. If you want basic security without having to think about it at all, it’s a solid choice.
Windows Defender review: What do you get for the money?
Assuming you have a licence for Windows 10 or 11, Windows Security doesn’t cost a penny – so you might expect a stripped-down set of features, as with other free antivirus tools. In fact, you get quite a broad range of security components. This may not be obvious as the software is almost invisible in everyday use, but if you open up the Windows Security app you’ll see the features are divided into eight sections, including “Virus & threat protection”, “Firewall & network protection” and “App & browser control”.
The main security functions are self-explanatory. Virus protection performs on-access scanning of files and applications, using a database of malware signatures that automatically updates several times a day, independently of your Windows Update settings. Windows 11 also introduces a new “Smart app control” feature, which uses a cloud database to pre-emptively identify and block untrustworthy apps. If anything dodgy is found, it’s automatically blocked and quarantined with a discreet pop-up; you can customise exactly which events cause a notification, to make Defender as quiet as you like.
The firewall is basically the same one that’s been built into the OS since Windows XP SP2 – and why not? It still works perfectly well, silently blocking unwanted connection requests. A simple requester (in retro Windows 7 style) lets you allow specific processes through the firewall with a few clicks, but if you want to get any more technical than that you’ll need to dive into a management console that’s clearly designed for network administrators rather than typical desktop users.
App and browser control, meanwhile, can warn you away from dangerous apps and websites – but only in Microsoft Edge. If you’re using Chrome, Firefox or some other browser, you might need to turn to a third-party extension such as AVG Browser Security or McAfee WebAdvisor.
Alongside these headline modules, there’s a whole slew of under-the-bonnet OS security features, such as exploit protection measures and virtualisation-based code isolation to prevent malicious programs from tampering with your system. While these are good to have, they’re not a reason to stick with Windows Defender – they’ll continue to work even if you install a different security product.
The suite also includes a simple system health dashboard, so you can check the state of your storage, battery and software at a glance. And there’s an interface to Microsoft’s Family Safety service, which offers time limits and web filtering for kids’ devices – although once again this only works on the Edge browser in Windows and Android, so they’re no use to anyone whose family uses iPhones or iPads.
Finally, the anti-ransomware module does a solid job of preventing untrusted apps from accessing your personal folders, but we’ve also found it can be trigger-happy, and approving a wrongly blocked application is a slow, complicated process. That probably explains why this module is turned off by default – not exactly an expression of confidence in Microsoft’s own product.
READ NEXT: Best antivirus software
Windows Defender review: Will it keep you safe?
German security lab AV-Test.org included Windows Defender in its February 2023 roundup of consumer security software, pitting Windows’ native antivirus protection against the best and biggest-selling commercial security suites.
Each product was confronted with a set of more than 11,000 viruses and other threats during January and February 2023, including many previously unseen zero-day exploits. Windows Defender held its own admirably, matching the perfect protection scores achieved by pricey, feature-packed competitors:
AV-Test.org protection results, Jan/Feb 2023 (%) | 0-day Jan | 0-day Feb | Widespread Jan | Widespread Feb |
Avast One | 100 | 100 | 100 | 100 |
AVG Internet Security | 100 | 100 | 100 | 100 |
Avira Internet Security | 100 | 100 | 100 | 100 |
Bitdefender Internet Security | 100 | 100 | 100 | 100 |
Eset Internet Security | 98.9 | 98.3 | 100 | 100 |
F-Secure SAFE | 99.5 | 100 | 100 | 100 |
G Data Total Security | 100 | 100 | 100 | 100 |
Kaspersky Premium | 100 | 100 | 100 | 100 |
Malwarebytes Premium | 98.9 | 97.8 | 100 | 100 |
McAfee Total Protection | 100 | 100 | 100 | 100 |
Microsoft Windows Defender | 100 | 100 | 100 | 100 |
Norton 360 Deluxe | 100 | 100 | 100 | 100 |
Trend Micro Internet Security | 100 | 100 | 100 | 100 |
Windows Defender was also put to the test by AV-Comparatives.org in its March 2023 malware protection test. This test used 10,015 threat samples and examined whether each of the most popular security suites was able to recognise threats both online and offline, as well as whether it stopped malicious code from executing. Again, Windows Defender put in a creditable showing:
AV-Comparatives protection results, March 2023 (%) | Offline detection | Online detection | Online protection | False positives |
Avast One | 96.90% | 99.50% | 99.97% | 2 |
AVG Internet Security | 96.90% | 99.50% | 99.97% | 2 |
Avira Internet Security | 97.00% | 99.10% | 99.96% | 2 |
Bitdefender Internet Security | 98.10% | 98.10% | 99.94% | 6 |
ESET Internet Security | 97.40% | 97.40% | 99.94% | 0 |
F-Secure SAFE | 96.90% | 98.70% | 99.96% | 14 |
G Data Total Security | 98.80% | 98.80% | 99.95% | 2 |
Kaspersky Premium | 90.00% | 97.90% | 99.96% | 2 |
McAfee Total Protection | 89.60% | 99.70% | 99.99% | 9 |
Microsoft Windows Defender | 83.10% | 99.30% | 99.98% | 32 |
Norton 360 Deluxe | 91.10% | 99.70% | 99.99% | 3 |
Panda Dome | 72.20% | 95.50% | 99.97% | 102 |
Trend Micro Internet Security | 60.90% | 91.80% | 97.19% | 10 |
With an overall protection rate of 99.98%, Windows Defender outshone most commercial suites. Only McAfee and Norton managed to beat it, and then only by the tiniest whisker.
We do have one reservation. While successfully blocking almost every threat, Defender also racked up an unexpectedly high number of false positives. To be sure, 32 erroneous detections versus more than 10,000 successful saves isn’t bad, but it’s behind most of the competition.
What’s more, because Windows Defender hides its workings away from the user as far as possible, false positives can be difficult to diagnose and resolve. It takes a lot of tiresome clicking around in the Windows Security app to find out exactly what’s been blocked, and to mark it as safe and restore it.
Windows Defender review: Will it slow your computer down?
By default, Defender is always running in Windows, so you won’t normally notice its impact on performance. Even so, it does slow things down – and we can test how much by measuring how performance changes when you replace Defender with a different security suite. We did this using our own web-based benchmark, which downloads and opens various sets of files in Google Chrome running on Windows 11.
This showed Windows Defender to be a middling performer. It did prove faster than several commercial suites: for example, opening ten JPEGs and ten PDFs in the browser with Defender installed took a total of 0.96 seconds and 0.84 seconds respectively. With AVG Internet Security those same files took 2.5 and 2.3 seconds to open; with Panda Dome they took 4.4 and 4.1 seconds.
Similarly, saving a set of ten EXE files and Zip archives took 6.0 and 17.7 seconds with Defender active. That again put it ahead of AVG, which took 9.6 and 42 seconds to download the files, and ahead of G Data Internet Security, which took 7.4 and 19.5 seconds.
On the whole, though, most third-party security solutions were faster than Windows Defender. Bitdefender, Eset and Kaspersky all managed to open our JPEGs and PDF files in less than half a second; McAfee and Norton downloaded the EXE files in under four seconds and knocked at least two seconds off Defender’s time for downloading the ZIP files.
AV-Comparatives.org reported similar findings in its October 2022 performance tests. Across a range of desktop and online tasks, it rated Windows Defender’s performance “mediocre” for file copies, archiving and unarchiving files and installing applications. When AV-Test.org measured Defender’s performance in January and February 2023, it found an average 23% impact on the speed of installing applications, and a heinous 44% reduction in speed for file copies.
While we’re on the subject of speed, it’s worth reiterating that interacting with the various components of Windows Defender can also be frustratingly slow. Finding a specific feature or a piece of information can be a tedious quest, with key items scattered across different pages, hidden behind text links and often pushed off the bottom of the window entirely by an excess of white space.
Windows Defender review: Should you buy it?
If you’re using Windows you already have Defender, so the question is really whether you should stick with it. There are good arguments for doing just that: for value it’s unbeatable, and compared to any third-party security suite – free or paid for – it’s supremely unobtrusive. More to the point, it does a stand-up job of blocking malware and online threats, which is after all the point of the exercise. A typical Windows user may well never need anything more.
It’s not quite the perfect package, however. If you want to get the very best performance out of your hardware, there are plenty more lightweight packages to choose from.
Defender is also a bit of a pig to configure and manage, and it lacks snazzy add-on features such as a VPN, a home network scanner or active data-breach monitoring. That doesn’t mean it won’t keep you safe but, if you like to take hands-on control of your security, you might prefer to look beyond Defender for something more versatile and with a more user-friendly interface.