Windows Defender Review: Quick Expert Summary
Windows Defender is a pretty good antivirus. It offers decent cloud-based security and really good customer support. It also comes prebuilt into the latest Windows computers, meaning you don’t need to pay a monthly subscription to use it.
It provides essential features, including real-time protection and a secure firewall. It also comes with some extra security features such as parental controls, app and browser controls, device security, and performance reports.
However, Windows Defender isn’t perfect, and its malware detection rates and extra features aren’t as good as third-party antiviruses. For example, while Windows Defender’s real-time protection blocked most phishing websites during testing, it let me visit some dangerous sites that competitors like Norton and Bitdefender blocked.
|🏅 Overall Rank||#46 out of 68 antiviruses|
|🎁 Free Plan||✅|
|💰 Money-Back Guarantee||N/A|
|💻 Operating Systems||Windows, Mac, Android, iOS|
Windows Defender Full Review
Windows Defender provides all of the fundamental security features to protect you in 2023, but it lacks many worthwhile extras like a VPN and identity theft protection.
If you want a free antivirus with more features than Windows Defender, you should try Avira Free Security instead. It can do everything Windows Defender can, but it also includes a performance optimizer, password manager, secure browser, and more.
Norton is another good choice. It’s the best premium antivirus in 2023, and while it doesn’t offer a free plan, it includes a 60-day money-back guarantee. Again, Norton can do everything Windows Defender can, but it adds a password manager, VPN, dark web monitoring, system optimization tools, identity theft protection for US users, and much more.
Windows Defender Security Features
Windows Defender includes a pretty good malware scanner. It uses a massive malware database, machine learning, and heuristic analysis to detect new and emerging malware threats, including trojans, worms, cryptojackers, and rootkits.
The malware scanner includes 4 types of malware scans:
- Quick scan — Scans for malware in critical system folders.
- Full scan — Scans your entire computer for malware threats.
- Custom scan — Scans selected files and folders for malware.
- Microsoft Defender offline scan — Scans your computer for hidden malware such as rootkits without starting your operating system.
I tested each scan by downloading an archive containing 1,000s of malware samples and hiding them on my Windows 11 PC. The quick scan took about 5 minutes to scan my entire system, which is pretty good. However, it’s not as good as Bitdefender’s quick scan, which took less than a minute to scan my device. Nonetheless, Windows Defender’s quick scan found and removed every malware sample I’d hidden in my critical system drives.
The full scan took over an hour to complete, which is around the industry standard scan time, but it didn’t find every malware sample on my device. When I tested Norton’s full scan, it completed in 40 minutes and found every malware sample.
Windows Defender’s custom scan lets you right-click suspected files and scan them with one click. It worked well in my tests, but its interface is pretty clunky. Windows Defender opens an entire window just to tell you whether or not threats have been found, while most competitors simply issue a notification on your taskbar.
Finally, I thought the Microsoft Defender offline scan was pretty cool, despite having some limitations. When I initiated the offline scan, it restarted my computer and launched a malware scan before Windows booted. This scan took 15 minutes to complete and found most malware samples. However, I wish there was a way to run the scan without starting your operating system to enable it first. Norton provides recovery tools you can download and install onto a USB device and boot without ever going into your operating system.
Overall, Windows Defender offers a pretty good malware scanner, but each feature it includes is done better by competitors. If you want the essential protections, Windows Defender is a good place to start, but otherwise, check out competitors like Norton or Bitdefender.
Windows Defender Secure Firewall
Windows Defender’s secure firewall monitors inbound and outbound network traffic, but it isn’t as user-friendly as Norton’s or Intego’s (for Mac) firewall. For example, if you click Allow an app or feature through Windows Defender Firewall, you’re shown a list of apps and ports that the firewall will allow through, but you can’t edit this list until you click Change settings and give administrative privileges to the firewall.
Basic options like the Change notification settings button and the switch to turn the firewall on and off are located in different menus instead of one intuitive menu. It quickly got frustrating having to go into these different menus just to make minor adjustments.
However, I quite like the firewall’s advanced settings. They allow you to create specific rules, authenticate communications between computers, monitor the firewall state on a particular profile (i.e. a home or work profile), and more.
I also like the number of details you can see for each connection in the advanced menu. For example, you can see which profile rules apply to a connection, the protocol the connection uses (i.e. TCP, UDP, or any), the port the connection is allowed to use, and more. If you double-click a rule, it’s pretty easy to modify, too — something advanced users will appreciate.
Overall, Windows Defender provides good, in-depth monitoring for inbound and outbound traffic, but it doesn’t block as many suspicious connections as competitors. It’s also annoying to navigate, with basic features (like turning the firewall on and off) hidden throughout different menus.
Windows Defender’s Account Protection offers basic tools to protect your Windows account, but it does little else. Account Protection lets you:
- Connect your Windows and Microsoft account.
- Access Windows’s 2FA settings.
- Enable Dynamic Lock.
According to Windows, connecting your Windows account to your online Microsoft account offers enhanced security, but honestly, outside of syncing passwords (which 1Password does better) and recovering forgotten passwords through your email, I don’t see any real benefit to connecting accounts.
You can also adjust your Windows Hello sign-in options from the Account Protection menu. Windows Hello is Microsoft’s two-factor authentication (2FA) feature, and it’s pretty cool. It lets you log into your account using facial recognition, your fingerprint, a PIN code, or a U2F key. Each option works well, but only specific webcams are compatible with facial recognition, and Windows doesn’t provide an official list of which ones, which is a little annoying.
Finally, Dynamic Lock provides multiple options to lock your computer when you’re physically away from it. For example, you can pair your phone with your PC, and when your phone is far away from your PC, your PC will automatically lock. It’s a neat inclusion, but I can’t think you’d ever need to turn this option on — especially considering you can also lock your PC by hitting CTRL+L on your keyboard.
Overall, I don’t think Account Protection does much to protect your accounts. While Windows Hello offers pretty good 2FA options, I didn’t feel any real benefit from connecting my Microsoft account to Windows, and the Dynamic Lock feature felt like a gimmick. I’d really like to see some of the account protections Norton provides — such as the ability to monitor the dark web for breaches containing your email address.
App & Browser Control
Windows Defender’s App & Browser Control provides two different protections:
- Reputation-based protection.
- Exploit protection.
Reputation-based protection is Windows Defender’s real-time protection. Windows utilizes a massive online database containing a list of millions of known apps and websites. Each of these apps and websites is assigned a reputation score, and if you try downloading a program or visiting a site with a low reputation score, Windows will block it. Overall, it worked well and blocked most phishing sites and dangerous apps during testing, but it didn’t block as many as competitors did, including TotalAV and McAfee.
That said, Windows Defender makes it easy to whitelist false positives. All you have to do is click Protection History, find the app or website you want to allow through, and click Allow on this device. Some competitors, like ESET, make it quite difficult to permanently add exceptions.
App & Browser Control’s exploit protection works out of the box and protects your computer from exploit attacks. It worked well in my tests and protected against most simulated exploit attacks I ran on my Windows 11 computer. However, it didn’t block some of the more advanced exploit attacks that Norton 360 blocked.
Device Security allows you to protect your Windows computer through advanced features such as core isolation. It also lets you see specifications about the security processor built into your PC and informs you if secure boot is enabled.
Honestly, I’m not a massive fan of most Device Security features, but core isolation works well. Core isolation allows you to isolate important core processes from your computer’s memory to protect them from malware. When I had core isolation enabled, I didn’t notice any performance impact, and when I tried running malware samples that target these core processes, they didn’t cause any damage.
However, these forms of malware aren’t a huge risk and it’s disappointing Windows doesn’t let you choose which programs it isolates. Many competitors, including Avira and ESET, let you isolate any program you want in a virtual environment. For example, you can isolate your web browser when visiting financial websites to ensure malware can’t steal data from them.
Unfortunately, Device Security is disabled on most computers by default because you need to be running a TPM 2.0 security processor for it to work. You also need to have secure boot enabled, and more. Most beginner users won’t know to look for these options in their computer’s boot settings and will, therefore, never benefit from these protections anyway.
Device Performance & Health
Windows Defender’s Device Performance & Health feature allows you to gain several insights about your computer, but it does nothing to optimize your performance. Device Performance & Health allows you to see:
- Any issues with the Windows Time service.
- Problems with your computer’s storage capacity.
- If your battery life is low (laptop only).
- If there are issues with apps and software.
If Windows finds problems with any of the above, it will tell you how to fix them. You can normally do this in one click. However, you can’t initiate a manual performance and health scan and have to rely on Windows to run automatic scans at regular intervals — which can be annoying if you’re trying to troubleshoot problems. TotalAV includes a PC optimizer that you can run on demand, and it even boosts and optimizes your computer’s performance.
Device Performance & Health also lets you reinstall Windows while keeping your personal files, but it’s hard to initiate. Even though you can still see the “Fresh start” option in the Device Performance & Health menu, Windows removed this feature in the Windows 10 2004 update. So you have to type “Reset this PC” into the start menu and click the Reset this PC button to utilize a similar feature. I have no idea why Windows didn’t update its user interface (UI) to remove the useless “Fresh start” section.
Overall, I’m not a fan of Device Performance & Health. I do like how you can troubleshoot problems with your computer and fix them with one click, but I don’t like how you can’t scan for problems. I also don’t like the fact that Device Performance & Health lacks any way to optimize your PC — something competitors like TotalAV include.
Family Options/Parental Controls
Windows Defender’s family options include various ways to improve your family’s digital life and monitor your children’s online activity — but they’re quite hard to set up and use. The family-oriented features include:
- Spending. Add money to your family’s Microsoft account.
- Geofencing. See where your family is in real-time.
- Activity reporting. See how long your kid has been using a certain device or app.
- Content filters. Block access to specific websites.
- Driving reporting (Microsoft 365 Family only). See insights on recent driving behaviors, such as top speed and frequency of hard braking.
- Family email. Quickly access your Outlook email.
- Family calendar. Quickly access your Outlook calendar.
Some of these features don’t do that much. For example, family email and calendar just redirect you to the respective Outlook websites, and “Spending” just lets you add money to your Microsoft account.
On the other hand, geofencing lets you see your family’s location in real-time and works with pinpoint precision. That said, it’s annoying to set up. Once you’ve downloaded Microsoft’s Family Safety App on the device you want to track, you have to connect it to a Microsoft account and then turn on location settings for that account. However, the problem with this is your kid needs to have an email address before you can connect their account to a Microsoft account. There are workarounds for adding an account without an email, but it’s pretty complicated. Competitors like Qustodio, FamiSafe, and Bitdefender simply let you add a profile and start monitoring it — no child email needed.
Windows Defender’s content filters also work well but are very basic. They only work on Microsoft Edge, and you can’t filter particular website categories. Norton’s content filters work across all browsers and can filter websites across 47 categories, such as pornography, weapons, and crime. Similarly, Qustodio’s content filters have over 25 categories, which allows you to quickly filter out inappropriate websites.
That said, I really like how the parental controls on Windows Defender let you monitor your kid’s screen time on Xbox. The only other parental control tool I’ve tested that lets you do this is Bark.
Overall, Windows Defender provides a lot of family options and parental controls, but most of them are hard to navigate and aren’t done as well as competitors. If you’re in the market for good parental controls, check out our 5 best parental control apps in 2023. Alternatively, if you want an antivirus too, you can check out our 5 best antivirus software with parental controls.
Windows Defender Plans and Pricing
Windows Defender is free and comes prepackaged with most Windows computers. However, if you subscribe to Microsoft 365 Personal or Family (starting from $69.99 / year), you get access to the desktop and mobile app, Microsoft Defender for Individuals.
Microsoft 365 Personal
Microsoft 365 Personal costs $69.99 / year and allows you to download the Microsoft Defender for Individuals app on Windows, Mac, iOS, and Android. Microsoft Defender for Individuals does everything the built-in version of Microsoft Defender on Windows 10 and 11 can do but adds the following:
- Malware scanner on mobile.
- Real-time security alerts between devices.
- Protection on up to 5 devices.
- Security tips.
- 1 TB cloud storage.
You also get access to Microsoft Office, Teams, and Editor — which is cool.
Honestly, Microsoft 365 Personal is a good choice if you want the 1 TB cloud storage (which uses Microsoft’s OneDrive) and the real-time security alerts between devices. But it doesn’t offer as many extra features as alternative premium antiviruses. For example, you don’t get a VPN, password manager, or dark web monitoring, which are included with Norton.
Microsoft 365 Family
Microsoft 365 Family includes everything in Microsoft 365 Personal and adds:
- Protection on up to 5 devices for 6 users.
- 6 TB of cloud storage.
- Access to Drive Safety on Microsoft’s Family app.
Microsoft 365 Family is a bit more expensive than Microsoft’s Personal plan, costing $99.99 / year, but I think it’s a much better option for the extra cloud storage space.
However, I still think Microsoft 365 Family lacks many features you should expect in a premium antivirus, such as more advanced parental controls, a VPN, and PC optimizer (all of which are included in Norton’s 360 Deluxe package).
That said, you can try Microsoft 365 Personal and Microsoft 365 Family on a 30-day free trial.
Windows Defender Ease of Use and Setup
Since Windows Defender comes prepackaged with Windows, you don’t need to do anything to set it up. It works silently in the background without installation, which is ideal for beginner users.
If you right-click on the Windows Defender icon in the taskbar, you’re given 4 options.
Opening the security dashboard takes you to Windows Defender’s main user interface, which is well laid out with all of Windows Defender’s features accessible through large, clear buttons. There’s also a menu on the left side of the screen with the same options.
Windows Defender looks easy to navigate, but I’m annoyed at how difficult it is to schedule a virus scan. There’s no way to do it from within Windows Defender’s UI. Instead, you have to open the Task Scheduler app and create a trigger — which is as complicated as it sounds. Many competitors, including Norton, Bitdefender, and TotalAV, let you schedule scans from within their UI.
I also found it a bit annoying how the Family Options menu only takes you to an online parental control dashboard on Microsoft’s website. If your internet connection goes down, you can’t make any adjustments to the parental controls.
Overall, navigating the user interface to customize Windows Defender can be pretty frustrating, as simple functionalities like scheduling scans are made overly complicated.
Windows Defender Desktop and Mobile Apps
Windows Defender offers a desktop app on both Windows and Mac if you subscribe to one of the Microsoft 365 packages. I tested the desktop app on my Windows 11 PC and Apple MacBook Air.
Windows Defender’s desktop app includes:
- Security tips.
- Device overview/details.
- Security history.
- Security alerts.
Honestly, I’m not too impressed by many of these features. Firstly, the security tips are all very basic. For example, the first security tip I received said: “It’s a good habit to periodically remove any apps you no longer use”. However, Windows Defender didn’t provide any resources on how to remove apps. The second tip said, “Install the latest updates on all your devices and apps to help prevent malware”, but similarly didn’t provide any instructions on how to update your operating system or apps, so beginner users will still struggle.
Device overview/details showed me all the devices I’d connected to Microsoft Defender and their security status. However, it’s slow to update and uninformative. I connected my phone to Microsoft Defender and turned off some of the most critical protections on it. The overview screen on my computer didn’t update until I manually restarted the desktop app, and when it did, it simply issued an alert saying, “Needs attention”. It didn’t tell me what I needed to do or offer any options on starting remote virus scans like Bitdefender does.
Clicking on This device on the UI took me to an overview of the security status on my computer, but this doesn’t offer any extra functionality than what’s already included in the original Windows Security. For example, there’s no way to run a malware scan, and all of the overview details are already available in the free app.
Finally, Security History shows you any threats Windows Defender has found on your device, but again, it doesn’t do much more than what Windows Defender can already do for free. You can’t even whitelist files from the desktop app and have to open the built-in Windows Defender to do so.
Overall, Windows Defender’s desktop app is super disappointing. It adds very little functionality to what’s already included in the pre-installed version of Windows Defender. If you want to use it to monitor other devices in your network, the information it gives is vague and unclear. You’re better off choosing an antivirus like Bitdefender that offers centralized control and allows you to initiate remote malware scans of connected devices.
Windows Defender offers a mobile app on both Android and iOS. I tested the mobile apps on my Huawei P30 Lite and iPhone 11. Windows Defender’s mobile app includes:
- Malware scanner (Android only).
- Web protection.
- Security history.
- Device monitoring.
To test the malware scanner, I downloaded an archive containing 1,000s of malware samples and hid them on my Android device. The malware scanner only took a few minutes to complete and found most malware threats — which is pretty good.
The web protection worked well, too, and blocked more dangerous websites than Chrome’s default protections on my Android. It worked almost as well as Norton’s web protections, but it let me access a few sample phishing sites that Norton managed to block.
Security history is essentially your device’s quarantine folder, but I’m not too impressed with it. I thought it would show me a list of all my recent virus scans and their results, but it always just told me I was all caught up — which is pretty annoying.
Finally, device monitoring lets you send devices on your network a link to install the Microsoft Defender app, allowing you to keep track of them. For example, if Windows Defender finds malware on your computer, you can get a notification on your phone alerting you to it. It’s a good inclusion and works well, but I wish there were ways to initiate remote scans like you can from Bitdefender’s web dashboard.
Overall, Windows Defender’s mobile app is pretty basic and lacks many features competitors include — such as a VPN, anti-theft protection, and phone optimizer. If you’re looking for good malware protection on your mobile, you’re much better off checking out our 5 best Android antiviruses in 2023 or the 5 best iOS antivirus apps.
Windows Defender Customer Support
Windows Defender offers quite a few customer support options:
- Get Help app.
- Online knowledge base.
- Live chat.
- Phone support.
- Support forums.
Windows Defender’s online knowledge base is really good. It contains hundreds of helpful guides and videos, and you can easily find what you need by using an online search feature or clicking links from inside the relevant feature on Windows Defender. I never struggled to solve any problems I was having with Windows Defender.
The live chat function works quite well, and I liked how I could access it most hours of the day. I never had to wait long to connect with a support agent, and all agents I engaged with were friendly and provided clear, concise answers to my questions. Admittedly, I did have one bad experience where I contacted the wrong live chat department, and the support agent said they would transfer me but never did — but that was partly my fault.
I like the support forums, too. Getting answers from the community never took long, and it was good to have specialized support from other users with first-hand experience. My only complaint is that the forum is quite unorganized, so it was hard to scroll through and find solutions.
Overall, Windows Defender’s customer support is really good. Since Windows Defender is part of Microsoft, you’re given the full capabilities of Microsoft’s support network, which is honestly one of the best.
Is Windows Defender Enough to Keep you Protected from Malware in 2023?
Windows Defender is a good free antivirus program to get you started in 2023. It provides good malware protection, decent web protection, and more. If you just want essential protection that runs out of the box, Windows Defender offers exactly that.
But there are some drawbacks. Users may quickly get frustrated with basic functions (such as scheduling scans) being made overly complex, the lack of user-friendly interfaces, and other features that seem pointless.
Plus, each of Windows Defender’s features is done better by third-party antivirus software providers such as Norton and Bitdefender. For example, Norton and Bitdefender always had more consistent malware detection rates, blocked more phishing websites, and are both more user-friendly than Windows Defender.
Overall, Windows Defender offers good malware protection, but it’s not enough to keep you 100% protected in 2023. Instead, you should consider choosing an alternative antivirus from our list of the 10 best antivirus software in 2023.
Windows Defender — Frequently Asked Questions
What is the best Windows Defender alternative?
Norton is the best Windows Defender alternative, as it provides excellent malware protection, a more well-rounded set of features, and a more user-friendly interface. Norton also includes features like live identity theft monitoring, a VPN, and a password manager — Windows Defender doesn’t include these features.
However, there are many better alternatives to Windows Defender, including Bitdefender, which enables remote device scanning (Windows Defender provides the option to view the security status of remote devices, but it doesn’t enable users to run scans remotely to fix potential issues).
If you’re looking for a free Windows Defender alternative, Avira’s free version offers great malware protection and a couple of extra features, like a free (but limited) VPN and password manager.
Is Windows Defender still supported?
Windows Defender is still supported, but that doesn’t necessarily mean it’s a good choice. While Windows Defender offers essential cybersecurity protections, it doesn’t provide enough to keep you fully protected in 2023. You should choose an alternative antivirus like Norton, Bitdefender, or TotalAV instead. While they’re not free antiviruses like Windows Defender, they all offer better quality features.
However, if you’re certain you don’t want to pay for an antivirus, you should still consider switching to a free alternative like Avira Free. Avira Free comes with more features than Windows Defender (such as a secure VPN and password manager), and it caught more malware samples in my tests than Windows Defender did.
Can Windows Defender detect keyloggers?
Windows Defender can detect all types of malware, including trojans, rootkits, computer worms, and more. However, when I ran keylogging test software on my computer, Windows Defender didn’t block it, and it could record my keystrokes. I tried to run the same keylogging test software on Norton, which blocked the keylogger before I could even open it.
Can Windows Defender scan zip files?
Yes, Windows Defender can scan zip files, including .rar and .cab files. However, Windows Defender’s malware detection rates aren’t as good as other competitors on the market. If you want to scan zip files with 100% certainty that you’ll find every piece of potential malware in them, I’d recommend choosing an antivirus from our top 10 list.