Home / Software & Gaming / Security / Do you use an antivirus client or just Windows Defender?

Do you use an antivirus client or just Windows Defender?

I admit it, I don’t like taking risks. I always use an antivirus package on my Windows systems and my friend says that I am unnecessarily ‘slowing down my system’ because with safe surfing there is actually no need to install one.

If you have installed Windows 8 you may be under the impression that it is safer, but there are still risks. Research from BitDefender has shown that running without antivirus installed is not that safe.

The company analysed the situation and found that 15 percent of the malware code was still able to run on Windows 8 with Windows Defender installed. This worked out at 61 of 385 malware samples the company tested.

We all know Windows Defender isn’t the most sophisticated software, but as some would say – some protection is better than nothing. The company tested this theory by turning off Windows Defender and re-running the same tests. 234 of the 385 samples were able to run successfully. 138 of the rest failed to run at all on Windows 8, six ran and crashed and seven were denied elevation of privileges by User Access Control (UAC).

Windows 8 is already getting its first patch tomorrow, with three of the bulletins marked as ‘Critical’.

Alexandru Catalin Cosoi, chief security strategist at BitDefender said “This is a great improvement over the out-of-the-box security of Windows 7, for instance, where 262 of the 385 samples ran without any problems. The preinstalled Windows Defender that now ships with Windows 8 makes a difference when it comes to narrowing the impact of malware.”

Microsoft said in response that they are “committed to providing a trustworthy computing experience and continues to invest heavily in continuously improving our security and protection technologies.”

Cosoi handled the tests using three different machines running Windows 7, Windows 8 and Windows 8 with Windows Defender disabled. These all booted from a network boot server. The booting process then passed system control to a script inside the OS which copied the malware samples from the network server and then executed it locally.

Cosoi added “After the execution attempt, we compared the process and registry differences between the initial state of the machine and the post-execution state to see if the sample that got executed spawned its own process, modified another process and/or created additional registry entries and files. These differences got logged into a database. Then the machine got rebooted to its clean state pending another round of tests.

In order to ensure the optimal conditions for the test, we synchronized the process to execute the same sample at the same time on all three machines. Since the process was fully automated, we did not consider zero-day exploits that are usually delivered via browser, Flash or Java. We also did not include malicious non-executable scripts such as PHP files or JavaScript, as they can’t cause direct damage to the PC.”

Kitguru says: The outcome shows that Windows 8 has better ‘default’ security than Windows 7, but it still needs extra protection.

Become a Patron!

Check Also

Ransomware group ‘Egregor’ has reportedly stolen data from Ubisoft and Crytek

Egregor, a ransomware group, has apparently compromised the internal networks of both Ubisoft and Crytek, stealing …