Microsoft’s latest security report makes a case for why Windows 10’s Defender fallback is right for end-user security.
Microsoft recently settled a fight with Russian antivirus (AV) vendor Kaspersky Lab that could have resulted in regulatory attention over claims that Windows 10 disadvantaged third-party AV.
Kaspersky last week dropped its complaints after Microsoft agreed to several concessions that will appear in the Windows 10 Fall Creators Update, due out next month.
Since Windows 8, Microsoft has enabled Windows Defender when a third-party AV expires. However, Kaspersky complained that Windows 10 notifications made it too easy for users to miss an expired subscription alert. Microsoft also admitted to disabling third-party AV under certain circumstances.
Though Microsoft’s implementation of the Defender fallback wasn’t perfect, data in its latest Security Intelligence Report, volume 22, suggests that the concept was overall sound. It also offers a defense for its handling of AV in Windows 10 after bowing to Kaspersky’s demand for more compatibility testing time and the right to use its own expired subscription notifications.
Despite its popularity as a target, by far the biggest reason for Windows 7 machines being classed as not “protected” in Microsoft’s telemetry data is that they don’t run any antivirus.
Microsoft’s graph compares four main reasons why Windows Vista, Windows 7, Windows 8, and Windows 10 aren’t protected.
For Windows Vista and Windows 7, over 50 percent of unprotected machines aren’t running any AV. The remainder have AV installed, but it’s either switched off or doesn’t have up-to-date virus signatures.
By comparison, the main reason Windows 10 machines were unprotected was out-of-date signatures or the AV was snoozed, while Windows 8 and Windows 8.1 were mostly unprotected because the AV product was turned off.
Microsoft notes a possible explanation for Windows 8/8.1 is that several malware families are capable of switching off anti-malware products.
The graph says nothing about what proportion of users on each version of Windows are unprotected. In 2013 Microsoft reported that 24 percent of Windows PCs weren’t protected by up-to-date antivirus.
Back then, Microsoft encouraged Windows users to install one of several third-party products in addition to its own for protection. Today it’s had to publicly reaffirm several times that it really does believe a “healthy antivirus ecosystem” is what’s best for Windows 10 security.
Today, after large investments in Defender, Windows 10 built-in defenses, and its Windows Defender ATP service, it’s faced criticism for sidelining old partners.
Previous and related coverage
Microsoft has outlined how its new security app, due in the Creators Update, will bring together all Windows 10 security information and won’t prevent you from using third-party antivirus.
Microsoft will be adding a number of new security features to Windows 10 Fall Creators Update, but for Enterprise and Windows Server users only.