Let’s just say that Microsoft Defender, the flagship component of Windows Security, has had its ups and downs. Its performance and detection rate have been all over the place lately in tests and benchmarks.
But Defender has made a name for itself in ransomware protection—malware that locks up your data and requires you to pay to get access back. This is not surprising, considering how well the security solution is entrenched in the OS itself.
The folks at AV-TEST recently tested this to see how well Microsoft Defender performs.
Describing its advanced ransomware test, the company states:
“The Advanced Threat Protection tests provide vendors and users with substantial findings as to how securely a product can protect against ransomware in real-life scenarios.
All the products have to successfully defend against ransomware in 10 real-life scenarios under Windows 10. The test involves threats such as files containing hidden malware in archives, PowerPoint files with scripts or HTML files with malicious content.”
A total of 12 products were put through the paces in the home user/consumer category, while 14 were tested in the business category.
The following images show how Microsoft Defender conducted itself for home users in ten test scenarios.
It detected the infection in the very first initial access phase in all but one case, which is impressive. For business users, it went even better, detecting the infection in the initial phase in all ten test scenarios.
The final scores obtained by the antimalware products are displayed in the images below.
In this case, the scores don’t really mean much, as the real observation in this test was to see just how quickly products can detect and successfully block ransomware. Microsoft Defender passed it with flying colors, while competing solutions like McAfee and Trellix did not.
Good.