Microsoft Defender 2024: Review Summary
Microsoft Defender is ranked #20 of the 28 best antivirus of 2024.
Microsoft Defender has excellent anti-malware protection (even surpassing some antivirus brands), a few security features, and it is included for free with Windows 365. But it has a noticeable impact on your PC’s speed.
In essence, it remains a free antivirus program. Its features include real-time protection, a firewall, and basic parental controls. But it misses a VPN, password manager, dark web monitor, identity theft protection, and more.
So, if you only want malware protection, it could be enough. But if you want complete protection for your identity, privacy, and devices, buy a security suite like Norton 360 Deluxe.
- Malware protection: 90%. Microsoft detected and removed many of the 1,200 malware samples in our test, but not all.
- Speed impact: 70%. Microsoft’s anti-malware engine is not lightweight; it had a noticeable impact on the speed of our test PC.
- Features: 40%. It offers anti-malware, anti-phishing, and a firewall. But misses a VPN and password manager.
- Price: 100%. It is included for free with a Microsoft 365 subscription. However, we believe Norton is worth the upgrade.
If you want the best protection, we recommend Norton.
|Ranking||#20 of 28|
Microsoft Defender 2024: Full Review
After running tests on Microsoft Defender, we found it covers the basics well enough for 2024, but falls short on extras like VPN and identity theft protection. If you’re after a free option with more bells and whistles, we recommend Avira Free Security. In our trials, it matched Microsoft Defender’s core functions and also offered perks like a performance optimizer and a secure browser.
For those willing to splurge, Norton stands out as the top premium antivirus this year. It doesn’t have a free plan, but there’s a 60-day money-back promise. In our testing, Norton not only met but exceeded the capabilities of Microsoft Defender by adding features like a password manager, VPN, and dark web monitoring. So, you get what you pay for.
In our testing, we found Microsoft Defender’s malware scanner to be decent but not exceptional. It offers four types of scans: Quick, Full, Custom, and an Offline scan. The Quick scan was fast, taking about 5 minutes, and effectively identified malware in critical system areas. However, Bitdefender’s quick scan beat it in speed, wrapping up in less than a minute.
The Full scan was more time-consuming, taking over an hour, and it missed some malware samples. In contrast, Norton’s full scan took only 40 minutes and detected everything. Microsoft Defender’s Custom scan is useful but clunky; it opens a whole window to show results, unlike competitors that use simple taskbar notifications.
The Offline scan was unique, rebooting the system to scan before Windows started, but it still missed some threats. Norton, on the other hand, offers downloadable recovery tools that run without booting into your OS.
So, while Microsoft Defender is okay for basic malware protection, our tests showed that Norton and Bitdefender outperform it in both speed and efficacy. If you want better than just the basics, you might want to look elsewhere.
We’ve tested Microsoft Defender’s firewall and found it to be solid for monitoring both incoming and outgoing traffic, but it’s not as user-friendly as the likes of Norton or Intego for Mac. For instance, making basic changes requires you to jump between different menus, which can be frustrating.
However, the advanced settings are a highlight. They offer granular control over rules and allow detailed monitoring, appealing to advanced users. You can easily see specifics like which rules apply to a connection, the protocols used, and even the allowed port.
Despite its capabilities, Microsoft Defender’s firewall doesn’t block as many suspicious connections as its competitors. Overall, it offers good monitoring and advanced customization but suffers from a clunky interface and less effective blocking. If ease of use and stronger blocking are important to you, you might prefer alternatives like Norton.
In our examination of Microsoft Defender’s Account Protection features, we found them to be rather basic. The tool allows you to connect your Microsoft account, access Windows’ 2FA settings, and enable Dynamic Lock. While these are functional, they don’t offer much beyond the basics.
The Windows Hello 2FA feature is interesting, letting you log in using various methods like facial recognition and fingerprint scanning. However, the lack of a list of compatible webcams for facial recognition can be frustrating. Dynamic Lock is another feature that automatically locks your computer when paired with your distant phone, but we didn’t find it particularly useful compared to simply pressing CTRL+L to lock your PC manually.
In summary, while Microsoft Defender’s Account Protection offers basic security measures, it pales in comparison to more comprehensive options like Norton, which provides advanced features like dark web monitoring for your email. Overall, it does the job but leaves much to be desired.
App and browser control
We evaluated Microsoft Defender’s App & Browser Control and found it to offer two main types of safeguards: Reputation-based protection and Exploit protection. Reputation-based protection uses a large database to score the trustworthiness of apps and websites in real-time. While effective in blocking many risky sites and apps, it didn’t outperform competitors like TotalAV and McAfee in our tests.
One upside is the ease of whitelisting false positives. Just a few clicks in the Protection History menu, and you can add exceptions, a process that’s more complicated in some rivals like ESET.
The Exploit protection feature worked well in our testing against most common exploit attacks on a Windows 11 system. But it wasn’t as robust as Norton 360 when it came to defending against more advanced exploit threats.
A side note for Windows 11 users: a known bug may hide the App & Browser Control feature from the Windows Security interface. But you can still access it via the Start menu’s search bar.
So, while Microsoft Defender’s App & Browser Control is fairly solid, it doesn’t quite measure up to some of the competition in terms of comprehensiveness and robustness.
In our assessment, Microsoft Defender’s Device Security offers some advanced features like core isolation, but its utility is a bit limited. Core isolation effectively shields critical processes in your computer’s memory from malware attacks, and we didn’t notice any performance issues when it was enabled. However, this sort of malware isn’t a significant risk for most users, and unlike competitors like Avira and ESET, Windows doesn’t offer the flexibility to isolate specific programs.
A major drawback is that Device Security is disabled by default on most systems. It requires a TPM 2.0 security processor and secure boot to be enabled, among other things. This means many users, particularly those who aren’t tech-savvy, won’t even know these features exist, much less how to enable them.
So, while Device Security has some merits, its limitations and the hurdles needed to activate it make it less appealing compared to more user-friendly options available from competitors.
Device performance and health
We checked out Microsoft Defender’s Device Performance & Health feature and found it to be somewhat lacking in terms of optimization. While it does offer insights on issues like Windows Time service, storage capacity, and battery life, it doesn’t actually help optimize your system performance. Unlike TotalAV, which comes with a one-click PC optimizer, Microsoft Defender only provides automated scans at certain intervals, offering no manual scan option.
Additionally, the option to reinstall Windows is confusing to locate due to outdated interface elements like the “Fresh start” button, which is actually a feature that has been removed since the Windows 10 2004 update. Now, you have to type “Reset this PC” in the Start menu to find the similar function.
Overall, Device Performance & Health may be useful for identifying problems but falls short on delivering solutions for optimization, a gap filled more effectively by competitors like TotalAV.
We explored Microsoft Defender’s Family Options and found them to be a mixed bag. The feature set is extensive, ranging from geofencing to activity reporting and content filtering. However, the ease of use leaves much to be desired. For instance, setting up geofencing involves a cumbersome process that requires your child to have a Microsoft email account, which isn’t a requirement in competing products like Qustodio and FamiSafe.
While Microsoft Defender does offer content filtering, its capabilities are pretty basic. The filters are limited to Microsoft Edge and lack category-based filtering, unlike Norton, which supports multiple browsers and offers 47 categories for more precise filtering.
One standout feature was the ability to monitor screen time on Xbox consoles, something we’ve only seen in Bark. But overall, Microsoft Defender’s Family Options are more difficult to navigate compared to specialized parental control apps. If you’re specifically looking for robust parental controls, you might be better off checking our list of the best parental control apps in 2024 or our top antivirus software with parental controls.
We delved into Microsoft Defender’s customer support and came away mostly impressed. The platform offers multiple avenues for help, from a dedicated Get Help app to live chat and phone support. The online resources are especially rich, featuring guides and videos that we found straightforward to navigate.
The live chat was generally efficient, although we did encounter a hiccup where a chat was abruptly terminated instead of being transferred to the appropriate department. That said, the agents we talked to were friendly and clear in their responses.
Support forums offer the advantage of community expertise but can be a bit chaotic when searching for specific solutions. Overall, given that Microsoft Defender falls under the Microsoft umbrella, it benefits from a comprehensive support network that we found to be among the industry’s best.
Plans and pricing
We evaluated the plans and pricing for Microsoft Defender and its Microsoft 365 packages. Microsoft Defender itself is free and built into Windows systems. However, Microsoft offers enhanced versions through its Microsoft 365 Personal and Family subscriptions.
For $69.99/year, the Personal package covers up to 5 devices and offers perks like real-time security alerts and 1TB of cloud storage. It’s a decent package, especially if you value the cloud storage and Microsoft Office apps included. However, it doesn’t offer features like a VPN or dark web monitoring, which you’d get with alternatives like Norton.
The Family plan, at $99.99/year, extends the Personal offering to 6 users and bumps the cloud storage to 6TB. Again, it’s a good value if you can utilize the extra storage. But, it also lacks advanced features like a VPN and more comprehensive parental controls, something we’ve seen in other premium antivirus suites like Norton 360 Deluxe.
Both plans offer a 30-day free trial, which is a good way to test out their features before committing. Overall, the plans are solid for the basic protections they offer, but they may not fully satisfy those looking for a more comprehensive security suite.
Test score comparison
Next to our own anti-malware tests, we analyze those by AV-Test. We’ve compared the results of the 10 most recent tests for Windows 10. The tests were performed by AV-Test, the German anti-malware test lab. They use three factors:
- Protection (1-6): Antivirus protection against malware attacks.
- Performance (1-6): System slowdown caused by the antivirus.
- Usability (1-6): Frequency of false alarms and disruptions.
We used their results, and this formula, to calculate the final score:
Final Score = 60% Protection + 20% Performance + 20% Usability.
Brands not listed in the table haven’t participated in the analysis by AV-Test. This is usually not a good sign. Because most reputable brands, except Panda, ESET, and Sophos, partake in the test.
We’ve compared the prices of the top antivirus products for Windows. To make it a fair comparison, we looked at what it would cost us, to protect a single Windows PC with the most essential features:
- Anti-phishing (web protection)
- Password manager
- Unlimited VPN (no data limit)
A few notes:
- Some brands are missing features, lowering their value for money.
- Prices are second-year prices in the USA, without first-year discounts.
- Prices are rounded up for readability (e.g., $99.99 becomes $100).
Brands have different prices outside the USA. See those on their website.
We’ve compared the user reviews of all antivirus brands. We’ve used the scores and review count of TrustPilot, a leading user review platform. However, take these results with a grain of salt, as some brands actively attempt to increase their ratings.
Personally, we are wary of exceptionally high scores. Especially those by brands such as TotalAV, known for aggressive marketing and sales tactics.
We consider scores between 4.0 and 4.5 good and realistic. Higher scores are dubious, and lower scores indicate that the brand might have a poor product or customer service. McAfee’s scores, for instance, are worrying.
How we test antivirus software
Below we describe how we run our tests. For even more details, visit our blog posts on how we test antivirus software.
Anti-malware protection test
We analyze antivirus software’s capability to detect and eliminate known and unknown malware, using heuristic analysis for behavior monitoring.
We conduct in-house tests and analyze those from labs like AV-Test, SE Labs, and AV-Comparatives to determine the best malware protection.
Malware includes adware, keyloggers, ransomware, rootkits, spyware, trojans, viruses, worms, and more. Other cyber threats, usually not classified as malware, are (zero-day) exploits, hacks, identity theft, phishing attacks, scams, and social engineering.
False positives test
False positives occur when antivirus software misidentifies legitimate software, files, or websites as malicious. We rely on AV-Test’s large-scale analysis of false positives in its usability test to guide our evaluations.
System performance test
We measure the CPU load during antivirus software system scans and consider AV-Test’s performance results on the slowdown caused by antivirus software when opening websites and handling software.
We evaluate two-way firewalls that filter incoming and outgoing data and allow users to set rules to regulate data streams. We use the ShieldsUP! test to determine if the antivirus software blocks all ports.
Password manager test
We assess password managers’ ability to create, store, and autofill secure passwords, as well as additional features like two-factor authentication and biometric login.
Virtual Private Network (VPN) test
We evaluate built-in VPNs on their security, privacy, speed, compatibility with streaming services, unlimited data access, and support for peer-to-peer networks and torrent clients.
Parental control test
We examine parental control features, such as screen time rules, website/app blocking, and real-world location tracking. We test these features on a device and attempt to circumvent them, checking if the activity is accurately reported in the parental control admin.
Anti-phishing protection test
We evaluate antivirus browser extensions that block phishing sites by installing them and attempting to visit dangerous URLs.
Ransomware protection test
We assess security suites’ ability to prevent data encryption through exploit prevention and behavioral detection during ransomware attacks.
Bonus features test
We test any additional cybersecurity tools such as:
- Ad Blocker
- Dark web monitoring (identity protection)
- Email protection
- File encryption
- File shredder
- Gaming mode
- Microphone protection
- PC maintenance features
- Secure browser (hardened browser to protect your online banking)
- Secure cloud storage (cloud backup)
- Spam filter
- Startup optimizer
- Tune up tools
- Virtual keyboard
- Webcam protection
Ownership and reputation test
We analyze the trustworthiness of antivirus companies, especially concerning customer data. We read press releases, news articles, and privacy policies to determine their reputation.
Frequently Asked Questions
Below are the most frequently asked questions.
Is Microsoft Defender a good antivirus program?
How do we test antivirus software?
We analyze the protection from malware, the performance impact on a PC, and the number of false positives. On top of that, we test various security features such as the firewall, password manager, VPN, and more.
Author: Tibor Moes
Founder & Chief Editor at SoftwareLab