Windows Defender is the built in antivirus program included free with Windows 10. It provides all the security that you need, quietly and efficiently. The combination of Windows Defender and all the security improvements in Windows over the last ten years means that you don’t need an antivirus program from Norton, Avast or the rest; they’re noisy and cause problems and don’t provide any important additional protection.
(Make no mistake: the bad guys have been studying ways to bypass your computer security for years. Their exploits sidestep antivirus programs without even breaking a sweat. You can bring down your computer with a single click regardless of whether you’re running Windows Defender, Norton Antivirus, or any other program. Study the Rules for Computer Safety!)
The basic functions in Windows Defender carry on from its predecessor, Microsoft Security Essentials, introduced in 2009 for Windows 7. Windows Defender scans continuously, watching your downloads and email attachments and computer activity for malware – viruses, spyware, rootkits, and the rest of the bad guy arsenal. Virus definitions are updated several times each day. Windows Defender automatically does periodic scans of your system. It is designed to work without any need for you to pay attention to it; unlike other programs, Windows Defender is almost invisible and never intrudes unless it detects an active attack that needs your attention.
Microsoft made a few changes in Windows Defender for the Anniversary Update, now rolling out to Windows 10 computers. (The rollout is going slower than expected. Most Windows 10 computers have not gotten it yet. There’s no explanation yet from Microsoft about why it’s taking so long.)
New features in Windows Defender:
• The return of the taskbar icon – a small change but very comforting!
• A choice of notifications, in case you want more reassurance that it’s working normally
• Easy access to offline scans for additional protection
• Limited periodic scanning even if another security program is installed
The return of the taskbar icon
The little shield by the clock means Windows Defender is running.
When Windows 10 was released last year, Microsoft removed any visual indication that Windows Defender was running. The idea was that security protection is built so deeply into Windows that you shouldn’t need reassurance. After all, there’s no icon to show us that Windows defrags hard drives or runs regular diagnostics; if we ever think about it at all, we just trust that those things are being handled automatically.
But Microsoft found out that security is different. There was something reassuring about the checkmark in the Security Essentials icon. Many people were confused or upset when there was no icon for a security program in Windows 10. The lack of an icon confused many people into thinking that Windows 10 did not include any security protection, leading them to get unnecessary third-party programs.
The icon is back! After the Anniversary Update is installed, you’ll see the shield shown in the above picture. It will display a flag if something needs attention.
If you happen not to want the icon, the process to get rid of it is not exactly intuitive: right-click the taskbar and click on Start Task Manager; click More Details; click the Startup tab; and disable Windows Defender notification icon in the list. The program will still run but the icon will disappear after the next restart.
Windows Defender will always notify you if it detects anything that needs immediate attention. Enhanced notifications will also notify you of the routine work done by Windows Defender. You’ll get notification windows in the lower right of the screen, like the picture above, and notices in the Notification Center that pops up when you click the taskbar icon at the far right.
You can turn Enhanced Notifications on and off with a switch in Settings / Update & Security / Windows Defender, shown below.
Easy access to offline scans
Windows Defender Offline can scan your computer for viruses in a special session where Windows is not running, which means the virus has no way to protect itself from being found and deleted.
Once you have a virus on your system, it’s difficult to remove it while Windows is running. Many viruses block antivirus programs from running and the viruses lock their files and processes to make it nearly impossible to remove them.
Windows Defender Offline boots the computer with a reduced operating system that does not depend on any of the normal OS files on the hard drive. This has been possible for a couple of years by preparing a bootable USB stick or DVD. I carry around a USB stick that I can use to boot a computer and scan for viruses with Windows Defender Offline.
That’s always been clumsy. You don’t keep a USB stick around with Windows Defender Offline loaded on it. The USB stick doesn’t stay up to date, so it’s not helpful against the latest viruses unless I remember to update it periodically.
After the Anniversary Update, Windows Defender will initiate an offline session itself using the latest virus definitions, if it discovers malware and needs the offline session to finish cleaning it.
You can also start an offline session any time from Start / Settings / Update & Security / Windows Defender. That provides a convenient new way to do a very deep scan for viruses if you suspect something is on your system, even if the program has not alerted you.
This is an important improvement in security! Malware frequently has required hands-on work by a consultant, or an expensive trip to the shop. This button might save you money and get you back to work faster next time.
From my perspective, this is a Very Big Deal™.
Limited periodic scanning
If you install another security program, Windows Defender automatically disables itself. (If you remove the other program, Windows Defender automatically turns itself back on. Nice!)
A new option appears in Settings after you install a third-party program. Windows Defender can still provide some protection without interfering with your other program, using a new feature, “Limited periodic scanning.” Every so often, while Windows is doing its other regular maintenance chores, Windows Defender will scan the computer for threats. In most cases, Windows Defender will clean the system automatically, just as it does when it runs normally. If necessary, you’ll get a notification that some action is required.
The check is done when you’re not using the computer and requires almost no system resources. If you’re running another program, you should absolutely enable this feature by clicking the switch shown in the above screenshot, found in Start / Settings / Update & Security / Windows Defender. Note that you won’t see that option if you’re not running another program like Norton or Avast! If your protection comes from Windows Defender, the above option won’t be there.
There, now, do you feel safer? I hope not. If you’re feeling safer, then you’re missing the point. Antivirus software will not protect you against malware if you click OK at the wrong time. Go back and read the Rules for Computer Safety again. And be careful out there!