Microsoft Windows Security review: Minimum effort
It’s the easiest security solution imaginable – but these built-in protections aren’t without their foibles
Formerly known as Defender, Windows 10’s built-in antivirus tool now nestles among a whole suite of integrated security modules, within an umbrella app that’s simply called Windows Security. Some of these other components extend your protection in quite clever ways: for example, the Controlled Folder Access feature can stop ransomware in its tracks by blocking unrecognised applications from writing to your personal folders.
Microsoft’s SmartScreen technology has also evolved to take advantage of Windows 10’s extensive (and somewhat controversial) telemetry features, using them to identify and block programs with suspicious global usage patterns. Similar checks are built into the Edge browser and the Microsoft Store to help protect you from suspicious websites, downloads and apps.
The console also collects together various features that were scattered throughout the Settings app. These include Secure Boot, which can defeat rootkits by preventing the BIOS from running startup code without the right cryptographic signature – and Windows Hello, which replaces your password with biometric authentication. Windows’ built-in parental controls are managed from here too, as is the integrated firewall.
With all this built into the OS, you might wonder why you would need to install additional security software. Indeed, a 100% overall protection rating from AV-Comparatives and AV-Test provides reassurance that, if you simply leave Windows with its default protections enabled, you’re unlikely to get infected.
The trouble is that living with Windows Security isn’t a pleasant experience. When the system thinks it’s found a threat, it pops up a terse notification, reporting only that the antivirus component “found threats”. If you want to know what they were or what Windows did about them, you have to burrow into the Security app, locate the pertinent timestamp in the event list and approve a UAC request just to see the basic details.
That’s not a one-off, either – it’s par for the course with Windows Security. The process of allowing an application through Controlled Folder Access is just as labyrinthine, which is perhaps why that feature is unhelpfully turned off by default. Even finding your way around can be a chore: basic security settings rub shoulders with obscure technical controls, and since almost every page is presented in the form of a loosely spaced list of text items, taking stock of what’s in front of you involves a tiresome amount of skimming and scrolling. Exceptions include the firewall, which opens as a Microsoft Management Console (MMC) snap-in, and the Family Safety controls, which as always are managed from a colourful web console.
Perhaps the most frustrating thing about the awful design of Windows Security is that you can’t entirely avoid it. Across AV-Comparatives and AV-Test’s malware tests, the antivirus module racked up five false positives – implying that, sooner or later, you may need to go in and restore a file that’s been wrongly blocked. Even after you have gone through the rigmarole of rescuing an item from quarantine, Windows will zap the file again the next time you access or scan it – unless you burrow into the settings page, scroll down and step through the laborious process of manually adding the file to your Exclusions list.
The Forrester Wave: Top security analytics platforms
The 11 providers that matter most and how they stack upFree download
If all of this is starting to turn you off Windows Security, this next part might finish the job: of the security suites we’ve tested recently, Microsoft’s own code ranked dead last in terms of system performance. Manual scanning proved slow too, and the predicted completion times had no relationship with reality at all. At one point, the virus scanner was telling us that it expected to be finished in 13 seconds, when in fact there was more than six minutes of grinding still to go.
We’d love to be more positive about Windows Security. Microsoft deserves credit for always working to make Windows safer, and for bringing antivirus performance up to levels that match the best paid-for security suites. And it makes sense to collect Windows’ growing range of security features under one roof.
Unfortunately, Microsoft hasn’t paid attention to the user experience, leaving us with a sprawling mishmash that’s neither efficient nor intuitive. Perhaps the major saving grace of Windows Security is that the key modules disable themselves when you install a third-party alternative – which we strongly recommend you do – while the firewall and other low-level protections continue to do their thing behind the scenes.
What 2023 will mean for the industry
What do most IT decision makers really think will be the important trends and challenges in the coming year?Free Download
2022 Magic quadrant for Security Information and Event Management (SIEM)
SIEM is evolving into a security platform with multiple features and deployment modelsFree Download
IDC MarketScape: Worldwide unified endpoint management services
2022 vendor assessmentFree Download
Magic quadrant for application performance monitoring and observability
Enabling continuous updating of diverse & dynamic application environmentsView Now