X
Tech

Windows 10 security: After Kaspersky fight, Microsoft talks up its case for Defender

Windows 7 machines mostly unprotected because they're not running any antivirus, says Microsoft.
Written by Liam Tung, Contributing Writer
screen-shot-2017-08-18-at-13-32-30.png

Most unprotected Windows 7 machines aren't running any antivirus.

Image: Microsoft

Microsoft's latest security report makes a case for why Windows 10's Defender fallback is right for end-user security.

Microsoft recently settled a fight with Russian antivirus (AV) vendor Kaspersky Lab that could have resulted in regulatory attention over claims that Windows 10 disadvantaged third-party AV.

Kaspersky last week dropped its complaints after Microsoft agreed to several concessions that will appear in the Windows 10 Fall Creators Update, due out next month.

Since Windows 8, Microsoft has enabled Windows Defender when a third-party AV expires. However, Kaspersky complained that Windows 10 notifications made it too easy for users to miss an expired subscription alert. Microsoft also admitted to disabling third-party AV under certain circumstances.

Though Microsoft's implementation of the Defender fallback wasn't perfect, data in its latest Security Intelligence Report, volume 22, suggests that the concept was overall sound. It also offers a defense for its handling of AV in Windows 10 after bowing to Kaspersky's demand for more compatibility testing time and the right to use its own expired subscription notifications.

Windows 7 is still the most widely used version of Windows in the world, and was the primary casualty of the recent NotPetya and WannaCry outbreaks.

Despite its popularity as a target, by far the biggest reason for Windows 7 machines being classed as not "protected" in Microsoft's telemetry data is that they don't run any antivirus.

Microsoft's graph compares four main reasons why Windows Vista, Windows 7, Windows 8, and Windows 10 aren't protected.

For Windows Vista and Windows 7, over 50 percent of unprotected machines aren't running any AV. The remainder have AV installed, but it's either switched off or doesn't have up-to-date virus signatures.

By comparison, the main reason Windows 10 machines were unprotected was out-of-date signatures or the AV was snoozed, while Windows 8 and Windows 8.1 were mostly unprotected because the AV product was turned off.

Microsoft notes a possible explanation for Windows 8/8.1 is that several malware families are capable of switching off anti-malware products.

The graph says nothing about what proportion of users on each version of Windows are unprotected. In 2013 Microsoft reported that 24 percent of Windows PCs weren't protected by up-to-date antivirus.

Back then, Microsoft encouraged Windows users to install one of several third-party products in addition to its own for protection. Today it's had to publicly reaffirm several times that it really does believe a "healthy antivirus ecosystem" is what's best for Windows 10 security.

Previous and related coverage

Windows 10: Here's how Microsoft thinks Defender Security Center will make life safer
Microsoft has outlined how its new security app, due in the Creators Update, will bring together all Windows 10 security information and won't prevent you from using third-party antivirus.
Windows 10: Expect antivirus changes as Microsoft and Kaspersky bury hatchet
Microsoft has caved to demands by antivirus vendors for more time to ensure Windows 10 compatibility.
Windows 10 Fall Creators Update: What's coming on the security front
Microsoft will be adding a number of new security features to Windows 10 Fall Creators Update, but for Enterprise and Windows Server users only.

Read more on Windows 10 security

Editorial standards