You and I. We know. We know that a Windows computer needs protecting. But not everyone does. They don’t get how important it is to have some sort of defence against all the bad stuff out on the web today. But Microsoft knows. And they plan on doing something about it.
Its been known for several months now that Microsoft was planning on bundling some sort of antivirus program when they release Windows 8, presumably based upon their free and reasonably good Security Essentials. I was wondering how they were going to package this though, considering the problems the software giant has had in the past with regards to add-ons, i.e. their internet browser.
Well, now we know.
The security software that comes with Windows 8 is known as Windows Defender and, if you’ve used the new Developer Preview, Consumer Preview or Release Preview then you may have already come across it. It is an amalgamation of Microsoft’s antivirus and anti-spyware programs and was automatically running in those preview versions of the new operating system.
In the final release, however, things will be somewhat different.
Now I don’t know if Microsoft are concerned about possible lawsuits or whether they are just feeling charitable but their security option will not be turned on by default. Instead, the program will look to see if the user has already installed an antivirus or internet security program. If it finds that they have then Defender will keep out of the way. If no security protection is noted then Windows Defender will wait for a period of 15 days before switching itself on.
At first glance this seems like a good idea – ultimately every Windows 8 user gets protected after all – but is it the perfect solution?
@security_faqs Always so. If Windows built in Antivirus would give their users real defence there will be no antivirus software market.
— Katrina Sanchez (@KatrinaSanchez7) June 12, 2012
Protect Me, Protect Me Not
On the surface it does look like a good idea as it virtually guarantees that every user of the new operating system will have at least some sort of protection. Windows Defender will kick in 15 days after it last detects any antivirus signatures being downloaded. But what if the user is using some sort of cloud based protection that doesn’t download any updates?
What happens if a trial version of an antivirus program, typically bundled with and run when the computer is first purchased, runs out and the user then does nothing? For 15 days they have no protection whatsoever. Plenty enough time for their PC to get infected.
Will Windows 8 actually recognise the signatures for every antivirus program out there? Or is there a risk that Defender could kick in and start working in tandem with an already running security suite?
Will the new Microsoft operating system be able to distinguish between legitimate AV and rogue copies which may also download signatures in an attempt to keep Defender switched off?
What happens when all the people with lapsed trials + those who don’t think to use AV + all those security researchers end up on the default Windows security solution? Do they not just make Windows Defender an incredibly big and juicy target for hackers to go after?
Personally, I have some reservations about this at the moment. Sure, Microsoft Security Essentials does a decent job for a free program but this implementation method asks as many questions as it answers right now. But, to end on a positive note, it should allow Microsoft to block an awfully large number of those pesky Windows activation exploits 🙂