  • AV-Comparatives finds Windows Defender suffering from poor offline detection, false alarms


    Karlston

    • 591 views
    • 3 minutes

    Anti-malware assessment company AV-Comparatives released its September 2022 report today. The report found that Microsoft's in-house Defender antivirus has one of the poorest offline detection rates, at just 69.8%, while G DATA topped the chart with 96.0%. The gap indicates that Microsoft Defender relies heavily on cloud-based protection. Although 69.8% is poor compared to the other contenders, it is significantly better than what Defender managed in the previous March test.

     

    In contrast, the online detection and protection rates for the Microsoft product are among the best. In case you are wondering what the difference between protection and detection is, here's how AV-Comparatives defines the two:

     

    The File Detection Test we performed in previous years was a detection-only test. That is to say, it only tested the ability of security programs to detect a malicious program file before execution.

     

    This Malware Protection Test checks not only the detection rates, but also the protection capabilities, i.e. the ability to prevent a malicious program from actually making any changes to the system.

     

    You can find the full comparison of the various anti-malware solutions for offline and online detection rates, as well as the protection rates in the image below:

     

    [Image: 1665693528_av-comparatives_sept_2022_onl]

     

    As you may have noticed above, Defender not only has one of the worst offline detection rates, it also suffers from a lot of false positive alarms. This is something Defender has been struggling with for a while, as we have had several instances of it recently. This is despite Microsoft openly expressing that it wanted to improve in this aspect.

     

    Thankfully for Microsoft, Defender was compromised in just 1 out of 10,019 malware sample cases. Meanwhile, Trend Micro did worst of all, with 259 compromises. The products have been classified into clusters (1, 2, 3, or 4) depending on their protection rates:

     

    [Image: 1665693522_total_protection_rate_av-comp]

     

    Here are the full test results, showing the breakdown of each of the percentage categories: compromised, user-dependent, blocked, and false positives.

     

    [Image: 1665693515_total_test_all_samples_av-com]

     

    Lastly, we have the final rankings of all the products. The rankings are based on the statistical cluster assigned to each anti-malware solution (image above) and the total false positives detected.

     

    [Image: 1665696584_cluster_and_false_postive_tal]

     

    [Image: 1665693509_malware_protection_test_sept_]

     

    Defender managed to score the ADVANCED+ award last time, but this time has to settle for ADVANCED. AV-Comparatives has, however, acknowledged that the very high number of false positives has affected this.

     

    Source: AV-Comparatives

     

     
