We may earn a commission when you buy software.

Microsoft Defender Review (2025): Is it the right choice?

By Tibor Moes / Updated: January 2025

Microsoft Defender Review 2025

Microsoft Defender Review 2025

Microsoft Defender is ranked #20 of the 28 best antivirus of 2025.

Microsoft Defender has excellent anti-malware protection (even surpassing some antivirus brands), a few security features, and it is included for free with Windows 365. But it has a noticeable impact on your PC’s speed.

In essence, it remains a free antivirus program. Its features include real-time protection, a firewall, and basic parental controls. But it misses a VPN, password manager, dark web monitor, identity theft protection, and more.

So, if you only want malware protection, it could be enough. But if you want complete protection for your identity, privacy, and devices, buy a security suite like Norton 360 Deluxe.

  • Malware protection: 90%. Microsoft detected and removed many of the 1,200 malware samples in our test, but not all.
  • Speed impact: 70%. Microsoft’s anti-malware engine is not lightweight; it had a noticeable impact on the speed of our test PC.
  • Features: 40%. It offers anti-malware, anti-phishing, and a firewall. But misses a VPN and password manager.
  • Price: 100%. It is included for free with a Microsoft 365 subscription. However, we believe Norton is worth the upgrade.

In short, Microsoft Defender is not the best choice for your security.

Norton is the best choice in 2025.

Norton has the best malware protection, excellent features and a fair price. It is the winner in our antivirus test.

  • Protection: 100%. Norton stopped all 1,200 malware in our test.
  • Features: 100%. Anti-phishing, firewall, VPN, and more.
  • Speed: 100%. Norton did not slow down our test PC.

Try it risk-free, thanks to its 60-day return policy.

Full Review

Microsoft Defender offers essential security features for 2025 but lacks additional tools like a free VPN and password manager, which are included in the paid Microsoft 365 plans. For a more feature-rich free antivirus, Avira Free Security is a better alternative, offering extras like a performance optimizer and secure browser. Norton, though not free, is the top premium choice, with a 60-day money-back guarantee and enhanced tools like a password manager and system optimization features.

Anti-malware

Microsoft Defender provides a decent malware scanner, leveraging a large malware database, machine learning, and heuristic analysis to detect threats like trojans, worms, cryptojackers, and rootkits. It offers four scan types: Quick, Full, Custom, and an Offline scan for hidden malware.

In our tests, the Quick scan took about 5 minutes and successfully detected malware in critical system folders, though Bitdefender’s scan was much faster. The Full scan took over an hour and missed some samples, while Norton’s scan was quicker and more thorough. The Custom scan works but has a less intuitive interface compared to competitors, and the Offline scan was effective but could be more convenient, as Norton offers easier recovery tools.

Overall, Microsoft Defender’s malware protection is solid, but premium options like Norton and Bitdefender provide faster, more comprehensive scanning features.

Anti-phishing

Microsoft Defender’s anti-phishing and app protection tools offer solid defense but come with some limitations. Its reputation-based protection uses a large online database to block low-reputation apps and websites, effectively preventing phishing and harmful downloads, though it misses some threats compared to top competitors like McAfee and TotalAV. Whitelisting false positives is simple, a feature that’s more cumbersome in other programs like ESET.

Exploit protection works automatically and guarded well against most simulated attacks, though it missed some advanced exploits that Norton 360 handled.

Smart App Control goes a step further by whitelisting apps based on their reputation, but it’s quite restrictive. It blocked several safe apps during testing, and there’s no way to add exceptions. The Evaluation Mode scans for false positives and can prevent the feature from being fully activated. If disabled, Smart App Control can’t be reactivated without reinstalling Windows, which makes it inflexible.

Overall, while Smart App Control provides strong protection for non-technical users with basic needs, it may frustrate those using niche or gaming apps due to its lack of flexibility and frequent false positives.

Firewall

Microsoft Defender’s firewall offers strong monitoring of inbound and outbound traffic but falls short on user-friendliness compared to competitors like Norton and Intego. Navigating basic options, such as allowing apps through the firewall or toggling notifications, can be cumbersome due to scattered menus and the need for administrative access to make changes.

On the plus side, its advanced settings are robust, letting users create specific rules, authenticate communications, and monitor connections based on different profiles (e.g., home or work). Advanced users will appreciate the detailed view of connections, protocols, and ports, as well as the ease of modifying rules.

While the firewall provides solid protection, it doesn’t block as many suspicious connections as some competitors and can be frustrating to configure for basic tasks. However, for those who need deeper control over their network settings, it’s a capable tool.

Other security features

Account Protection

Windows Defender’s Account Protection offers basic tools to secure your account but lacks depth compared to other solutions. It allows users to:

  • Connect Windows and Microsoft accounts.
  • Access Windows Hello 2FA settings.
  • Enable Dynamic Lock.

While connecting accounts can sync passwords and aid in recovery, it doesn’t provide significant added security. Windows Hello supports facial recognition, fingerprint, PIN, or U2F key authentication, though facial recognition is limited by webcam compatibility. Dynamic Lock automatically locks your PC when your phone is out of range, but it feels more like a gimmick given the ease of using shortcuts like Windows key + L.

Device Security

Device Security offers advanced protection like Core Isolation, which isolates critical processes from malware without noticeable performance impacts. However, this feature mainly protects against rare forms of malware, and unlike competitors such as Avira and Comodo, it doesn’t allow users to isolate specific apps.

The feature set is further limited by hardware requirements like TPM 2.0 and secure boot, which might be unavailable on older systems.

Device Performance & Health

This feature offers insights into system issues like time service problems, low storage, or battery life. However, it doesn’t include optimization tools, and users cannot run manual scans. Fixes are typically one-click, but it’s frustrating that performance scans only run at set intervals. Unlike TotalAV, which offers an on-demand PC optimizer, Windows Defender lacks any meaningful system enhancement tools.

Additionally, the Fresh Start feature has been removed from the UI, making it harder to reinstall Windows while retaining personal files.

Ransomware Protection

Windows Defender offers Controlled Folder Access to protect against ransomware, but it’s cumbersome to set up and is turned off by default. You must manually add folders beyond the default protected ones, and false positives are frequent, requiring constant app whitelisting.

Additionally, Windows promotes OneDrive backups as part of its ransomware protection, but this feels more like a backup feature than a genuine ransomware defense.

Parental Controls

Windows Defender’s parental controls are basic and hard to set up. Features include content filters, screen time monitoring, and geofencing, but they are limited in functionality and only work on Microsoft Edge. Competitors like Qustodio and Norton offer broader web filtering across multiple browsers and more category-specific controls.

One standout feature is Xbox screen time monitoring, but overall, the setup process is complex, requiring child accounts with email addresses, making it less user-friendly.

Click the links to read the reviews of the best antivirus of 2025:

🥇 Norton 360 Deluxe – The #1 in 2025
🥈 Avast Antivirus One
🥉 TotalAV Antivirus

Or read our complete comparison of the best antivirus for Windows 11.

Test score comparison

We conduct in-house anti-malware tests and review the results from AV-Test, a German lab renowned for its objective evaluations. Below is the average of the last 10 AV-Test results for Windows. Their scoring criteria are:

  • Protection (1-6): Effectiveness in blocking malware.
  • Performance (1-6): Impact on system speed.
  • Usability (1-6): Frequency of errors like false alarms.

We calculate a final score using this formula:

Final Score = 60% Protection + 20% Performance + 20% Usability.

While these results influence our choice of the best antivirus for Windows 11, other factors like privacy and identity protection also play a key role. For a similar analysis for Android or macOS, visit our other comparisons:

Note: Brands not listed in the table either do not participate in AV-Test trials or are tested too infrequently, such as Surfshark Antivirus.

Source: AV-Test (Last updated: December 2024).

Final Score
Protection
Performance
Usability
6.0
6.0
6.0
6.0
6.0
6.0
5.9
6.0
6.0
6.0
5.9
6.0
6.0
6.0
5.9
6.0
6.0
6.0
5.9
6.0
5.9
6.0
5.9
5.9
5.9
6.0
5.9
5.9
5.9
6.0
5.8
6.0
5.9
6.0
5.5
6.0
5.9
5.8
5.8
6.0
5.8
5.8
5.7
6.0
5.8
5.7
6.0
5.8
5.6
6.0
6.0
4.0
5.6
5.4
5.8
6.0

Click the links to read the reviews of the best antivirus of 2025:

🥇 Norton 360 Standard – The #1 in 2025
🥈 Avast Antivirus One
🥉 TotalAV Antivirus

Or read our complete comparison of the best antivirus for Mac.

Price comparison

We’ve compared the prices of the top antivirus products for Windows. To make it a fair comparison, we looked at what it would cost us, to protect a  single Windows PC with the most essential features:

  • Anti-malware
  • Anti-phishing (web protection)
  • Firewall
  • Password manager
  • Unlimited VPN (no data limit)

A few notes:

  • Some brands are missing features, lowering their value for money.
  • Prices are second-year prices in the USA, without first-year discounts.
  • Prices are rounded up for readability (e.g., $99.99 becomes $100).

Brands have different prices outside the USA. See those on their website.

Total price
Missing features
$ 50
No firewall, password manager, and VPN
$ 76
No firewall and password manager
$ 80
No firewall and password manager
$ 90
No firewall
$ 130
No password manager
$ 180
No firewall

Click the links to read the reviews of the best antivirus of 2025:

🥇 Norton Antivirus Plus – The #1 in 2025
🥈 Avast Antivirus One
🥉 TotalAV Antivirus

Or read our complete comparison of the best antivirus for Android.

User reviews

We’ve compared the user reviews of all antivirus brands. We’ve used the scores and review count of TrustPilot, a leading user review platform. 

We consider scores above 4.0 very good. Lower scores indicate that the brand might have a poor product or customer service. McAfee’s scores, for instance, are worrying.

Source: TrustPilot. Last Update: December 2024.

Review score
Review count
4.8
8,400
4.6
116,500
4.4
33,000
4.3
1,600
4.3
21,000
4.2
21,800
4.1
8,600
4.1
29,000
3.9
13,300
3.8
4,100
3.8
9,000
3.6
8,800
1.2
2,600

Click the links to read the reviews of the best antivirus of 2025:

🥇 Norton 360 Advanced – The #1 in 2025
🥈 Avast Antivirus One
🥉 TotalAV Antivirus

Or read our complete comparison of the best antivirus for iOS.

How we test antivirus software

At SoftwareLab, we provide thorough and unbiased antivirus reviews to help you make informed cybersecurity decisions. Our comprehensive testing covers all critical aspects of antivirus performance. We assess each product in six key categories, weighted by importance:

For even more details, visit our blog posts on how we test antivirus software.

Anti-Malware Protection (30%)

We evaluate how well the antivirus detects and removes various malware types like viruses, trojans, ransomware, and spyware.

In-House Testing: Using 1,200 diverse malware samples, we conduct real-time attack simulations to assess detection and neutralization of known and emerging threats through signature-based and heuristic analysis.

Independent Lab Results: We incorporate findings from respected institutes like AV-Test, SE Labs, and AV-Comparatives to validate our results.

Security and Privacy Features (30%)

We assess additional tools that enhance cybersecurity:

Web Protection: Testing the software’s ability to block phishing sites and web-based threats by accessing known malicious websites.

Firewall: Evaluating effectiveness using intrusion simulations and the ShieldsUP! test to secure network ports and monitor traffic.

Password Manager: Assessing capabilities to generate, store, and auto-fill complex passwords, plus features like two-factor authentication and biometric login.

VPN: Evaluating security protocols, encryption, speed, server locations, data limits, and support for streaming and peer-to-peer sharing while hiding IP addresses.

Parental Controls: Testing screen time management, content filtering, location tracking, and resistance to bypass attempts to protect children.

Identity Theft Protection: Assessing monitoring of personal info and responsiveness to potential identity theft alerts.

Secure Cloud Storage: Evaluating capacity, security, usability, and features like file encryption and secure sharing.

Anti-Ransomware: Simulating attacks to test detection and blocking of unauthorized encryption via behavioral detection and exploit prevention.

Dark Web Monitoring: Checking effectiveness in scanning the dark web for personal info and providing timely alerts.

System Performance Impact (10%)

We measure how the antivirus affects device performance during everyday tasks:

Resource Usage: Monitoring CPU and memory during scans and real-time protection.

Performance Tests: Evaluating impact on launching apps, downloading files, browsing websites, and copying data, aligned with AV-Test criteria.

False Positives (10%)

Accuracy is crucial to avoid interruptions:

False Positive Detection: Assessing how often legitimate applications or files are incorrectly flagged.

Usability Tests: Referencing AV-Test evaluations to gauge false positive frequency for effectiveness and user-friendliness.

Price and Value (10%)

We analyze overall value by comparing features to cost:

Cost Analysis: Considering subscription prices, device coverage, and multi-year plans.

Feature Evaluation: Assessing if included features justify the price compared to competitors.

Ownership and Reputation (10%)

Trust is essential in cybersecurity providers:

Company Background: Researching history, industry track record, mergers, or acquisitions.

Privacy Policies: Examining data handling, privacy commitment, and compliance with regulations.

Ethical Conduct: Investigating past unethical behavior, data breaches, or controversies.

Click the links to read the reviews of the best VPN of 2025:

🥇 NordVPN – The #1 in 2025
🥈 Surfshark
🥉 Norton VPN

Or read our complete comparison of the best VPN of 2025.

Author: Tibor Moes

Author: Tibor Moes

Founder & Chief Editor at SoftwareLab

Tibor has tested 28 antivirus programs and 25 VPN services, and holds a Cybersecurity Graduate Certificate from Stanford University.

He uses Norton to protect his devices, NordVPN for his privacy, and Proton for his passwords and email.

You can find him on LinkedIn or contact him here.

Microsoft Defender Review 2025

Microsoft Defender

Rating: 3 of 5

Save on the best antivirus of 2025:

🥇 Norton Antivirus (60% off) 🔥
🥈 Avast Antivirus
🥉 TotalAV Antivirus