Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > alt.comp.os.windows-10 > #186666 > unrolled thread

Windows Defender Security After October

Started by"Bill Bradshaw" <bradshaw@gci.net>
First post2025-08-11 08:37 -0800
Last post2025-08-14 00:33 +0100
Articles 10 on this page of 30 — 16 participants

Back to article view | Back to alt.comp.os.windows-10


Contents

  Windows Defender Security After October "Bill Bradshaw" <bradshaw@gci.net> - 2025-08-11 08:37 -0800
    Re: Windows Defender Security After October VanguardLH <V@nguard.LH> - 2025-08-11 12:12 -0500
      Re: Windows Defender Security After October Marion <marion@facts.com> - 2025-08-11 19:17 +0000
        Re: Windows Defender Security After October Paul in Houston TX <Paul@Houston.Texas> - 2025-08-11 18:47 -0500
          Re: Windows Defender Security After October Joerg Walther <joerg.walther@magenta.de> - 2025-08-12 11:44 +0200
            Re: Windows Defender Security After October Marion <marion@facts.com> - 2025-08-12 16:58 +0000
              Re: Windows Defender Security After October Paul <nospam@needed.invalid> - 2025-08-12 18:37 -0400
              Re: Windows Defender Security After October wasbit <wasbit@REMOVEhotmail.com> - 2025-08-13 09:15 +0100
                Re: Windows Defender Security After October Marion <marion@facts.com> - 2025-08-13 21:21 +0000
                  Re: Windows Defender Security After October Hank Rogers <Hank@nospam.invalid> - 2025-08-13 19:14 -0500
        Re: Windows Defender Security After October "Carlos E. R." <robin_listas@es.invalid> - 2025-08-12 21:22 +0200
      Re: Windows Defender Security After October mick <nospam@junk.mail> - 2025-08-11 20:46 +0100
        Re: Windows Defender Security After October VanguardLH <V@nguard.LH> - 2025-08-11 19:47 -0500
        Re: Windows Defender Security After October wasbit <wasbit@REMOVEhotmail.com> - 2025-08-12 09:32 +0100
    Re: Windows Defender Security After October Paul <nospam@needed.invalid> - 2025-08-11 17:24 -0400
      Re: Windows Defender Security After October VanguardLH <V@nguard.LH> - 2025-08-11 19:59 -0500
        Re: Windows Defender Security After October Paul <nospam@needed.invalid> - 2025-08-12 01:39 -0400
          Re: Windows Defender Security After October wasbit <wasbit@REMOVEhotmail.com> - 2025-08-12 09:41 +0100
          Re: Windows Defender Security After October VanguardLH <V@nguard.LH> - 2025-08-12 12:49 -0500
        Re: Windows Defender Security After October Paul <nospam@needed.invalid> - 2025-08-12 01:51 -0400
          Re: Windows Defender Security After October VanguardLH <V@nguard.LH> - 2025-08-12 13:08 -0500
    Re: Windows Defender Security After October Windows 11 User <invalid@invalid.invalid> - 2025-08-12 00:01 +0000
    Re: Windows Defender Security After October knuttle <keith_nuttle@yahoo.com> - 2025-08-11 21:06 -0400
      Re: Windows Defender Security After October "J. P. Gilliver" <G6JPG@255soft.uk> - 2025-08-12 02:15 +0100
      Re: Windows Defender Security After October Paul <nospam@needed.invalid> - 2025-08-12 02:13 -0400
    Re: Windows Defender Security After October Chris <ithinkiam@gmail.com> - 2025-08-13 06:34 +0000
      Re: Windows Defender Security After October Paul <nospam@needed.invalid> - 2025-08-13 02:48 -0400
        Re: Windows Defender Security After October "J. P. Gilliver" <G6JPG@255soft.uk> - 2025-08-13 12:04 +0100
    Re: Windows Defender Security After October dillinger <dillinger@invalid.not> - 2025-08-13 20:38 +0200
      Re: Windows Defender Security After October Bloody Microshit <invalid@invalid.invalid> - 2025-08-14 00:33 +0100

Page 2 of 2 — ← Prev page 1 [2]


#186718

FromVanguardLH <V@nguard.LH>
Date2025-08-12 13:08 -0500
Message-ID<15mddvrsxh487.dlg@v.nguard.lh>
In reply to#186700
Paul <nospam@needed.invalid> wrote:

> VanguardLH wrote:
>
>> Signature databases are updated at very short intervals, sometimes
>> daily.  Heuristics, however, often don't change until the next major
>> version update.  With Defender, its engine is updated with major version
>> releases of Windows, not before.  While signatures can cause false
>> positives (the hash to match is not against all bytes in a file), aging
>> heuristics can generate more false positives.
> 
> Not all AVs have heuristics (that is how bad some of them are).
> Some of them, you can kinda tell by how clueless the product
> is, that they are just signature analysis programs.

I think that is how ClamAV operates.  It has such poor detection that AV
compare sites don't bother listing it.

> Malwarebytes started by designing some heuristic protections
> with their product, and no signatures. Signature analysis was
> added later. Not many other products have worked in that order.
> It's just so much easier to clone the ClamAV database and use
> that.

But ClamAV's detection rate is very poor.  MBAM is cloning ClamAV's sig
database would explain why MBAM also shows poorly for on-access
(real-time) detection.  

90% detection rate sounds great until you realize the most difficult to
detect are inside the last 2% of coverage, so you need AVs with, at a
minimum, 98% detection rates, or higher.  90% means the easy-to-detect
or very old pests were detected.

There are companies that will add their own signatures into ClamAV's sig
database, so you get better pest detection with ClamAV + othersigs.
SecuriteInfo claims 90% with their sigs added to ClamAv's, but that
means ClamAV's sigs alone have less than 90% coverage.  Very poor.

https://www.securiteinfo.com/clamav-antivirus/improve-detection-rate-of-zero-day-malwares-for-clamav.shtml

They have a free tier, and paid tiers for more features.  But why bother
using ClamAV to then incorporate another sig source rather than getting
a better AV in the first place?

Yeah, ClamAV is better than nothing, but it is just better than nothing.

[toc] | [prev] | [next] | [standalone]


#186686

FromWindows 11 User <invalid@invalid.invalid>
Date2025-08-12 00:01 +0000
Message-ID<107e0a0$3261$1@paganini.bofh.team>
In reply to#186666
On 11/08/2025 17:37, Bill Bradshaw wrote:
> After using Windows 11 on a new mini computer I am worried about upgrading
> some of my windows 10 computers to 11. If you go through some contortions MS
> is going to provide defender upgrades but it appears you also have to have
> Microsoft accounts rather than local accounts.  Why not forget defender and
> go to a commercial antivirus?  So I would have pay for a license but that I
> am not concerned about that.
> 
> <Bill>
> 
> 

Commercial antivirus providers will only sell to you if you create an 
account with them. They will require your mobile or landline number so 
that they can provide you with further services in Alaska, where Donald 
Trump will have the opportunity to meet his hero, Vladimir Vladimirovich 
Putin.















[toc] | [prev] | [next] | [standalone]


#186691

Fromknuttle <keith_nuttle@yahoo.com>
Date2025-08-11 21:06 -0400
Message-ID<107e41q$2v7gi$1@dont-email.me>
In reply to#186666
On 08/11/2025 12:37 PM, Bill Bradshaw wrote:
> After using Windows 11 on a new mini computer I am worried about upgrading
> some of my windows 10 computers to 11. If you go through some contortions MS
> is going to provide defender upgrades but it appears you also have to have
> Microsoft accounts rather than local accounts.  Why not forget defender and
> go to a commercial antivirus?  So I would have pay for a license but that I
> am not concerned about that.
> 
> <Bill>
> 
> 
It is possible that you can get a free version of a commercial antivirus 
program from your internet provider.

I know the ATT provides a free version of commercial antivirus program. 
  It was one of the first things I installed on my new computer.

[toc] | [prev] | [next] | [standalone]


#186692

From"J. P. Gilliver" <G6JPG@255soft.uk>
Date2025-08-12 02:15 +0100
Message-ID<107e4jf$2vckk$2@dont-email.me>
In reply to#186691
On 2025/8/12 2:6:1, knuttle wrote:

[]

> It is possible that you can get a free version of a commercial antivirus 
> program from your internet provider.

[]

I think I've also seen banks offer something.--
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

In the words of my grandpa, a woman is as old as she looks. A man is
never old until he stops looking.
- Alice Apfel, designer, 1921-2024 (102)

[toc] | [prev] | [next] | [standalone]


#186701

FromPaul <nospam@needed.invalid>
Date2025-08-12 02:13 -0400
Message-ID<107em22$336h3$1@dont-email.me>
In reply to#186691
On Mon, 8/11/2025 9:06 PM, knuttle wrote:
> On 08/11/2025 12:37 PM, Bill Bradshaw wrote:
>> After using Windows 11 on a new mini computer I am worried about upgrading
>> some of my windows 10 computers to 11. If you go through some contortions MS
>> is going to provide defender upgrades but it appears you also have to have
>> Microsoft accounts rather than local accounts.  Why not forget defender and
>> go to a commercial antivirus?  So I would have pay for a license but that I
>> am not concerned about that.
>>
>> <Bill>
>>
>>
> It is possible that you can get a free version of a commercial antivirus program from your internet provider.
> 
> I know the ATT provides a free version of commercial antivirus program.  It was one of the first things I installed on my new computer.

<rolls eyes>

Absolutely DO NOT do that.

Internet providers hand out JUNK. Remember that
the reason they got a deal on the AV product in the
first place, is the AV company is badly in need of
"promotion", so the ISP is getting a copy of an AV for a buck.
If you listen to the users whine about what a piece
of "crap" their free gift was, you would not be
so fast to latch onto an item like that. Look at Vanguards
description of the "left-overs" products like that leave
behind. Even if you use the "cleaner application" the
AV company hands out, even that can't remove everything.

This is because, at the heart of it, an AV is a root kit.
There is nothing finer as an AV, than latching onto the
kernel and injecting yourself. That's your "perch" where
you can watch the world go by. The more lazy you are as an
AV company, the more dirty your "little trick" is.

And you'll notice recently, Microsoft had a dialog with its
friends, about what intrusions in Ring0 were costing Microsoft.
And that means, the AV companies might not be sitting on the
same perch they were sitting on last week. They could end up
in a container, like NVidia and RealTek (the excessive usage
of virtualization, for OS control).

   (sample article)

    https://www.theverge.com/news/692637/microsoft-windows-kernel-antivirus-changes

I believe that Kaspersky as a product, is good enough, it
could survive in a knife fight in Ring 3. Not a lot of other
products are that good. I was really impressed, the one time
I needed that. It took three reboots, but on the third
reboot, Kaspersky had tunneled in, and the malware was dead.
I was impressed by the little show.

On the first reboot, the machine didn't last very long.
On the second reboot, the knife fight took a bit longer,
before the malware won. But on the third reboot, Kaspersky
had managed to do something on that second cycle,
to slay the malware, and the little fight was over.
And with Kaspersky, there was no little box on the screen
saying "we fix 8000 things". There was no gloating.
There was just the knife fight... and then I was in control
of the machine again.

It was similarly funny, when I was attempting to install FRAPS.
That's a frame counter program and capture program, for recording
video game play. It worked up to Windows 7 or so, but does not work
on later OSes. It works, by "injecting" a DLL in each Program Files
folder. Well, Kaspersky *hates* seeing an activity like that,
and Kaspersky and FRAPS got into a knife fight (because FRAPS
was dumping 200 copies of the same DLL onto C: ), and after
maybe five seconds or so, the machine was frozen. Reboot time.

   Paul

[toc] | [prev] | [next] | [standalone]


#186732

FromChris <ithinkiam@gmail.com>
Date2025-08-13 06:34 +0000
Message-ID<107hbld$3oajs$1@dont-email.me>
In reply to#186666
Bill Bradshaw <bradshaw@gci.net> wrote:
> After using Windows 11 on a new mini computer I am worried about upgrading 
> some of my windows 10 computers to 11. If you go through some contortions MS 
> is going to provide defender upgrades but it appears you also have to have 
> Microsoft accounts rather than local accounts.  Why not forget defender and 
> go to a commercial antivirus?  So I would have pay for a license but that I 
> am not concerned about that.
> 

Commercial vendors will quickly drop Win10 support. 

[toc] | [prev] | [next] | [standalone]


#186735

FromPaul <nospam@needed.invalid>
Date2025-08-13 02:48 -0400
Message-ID<107hcf9$3ogmq$1@dont-email.me>
In reply to#186732
On Wed, 8/13/2025 2:34 AM, Chris wrote:
> Bill Bradshaw <bradshaw@gci.net> wrote:
>> After using Windows 11 on a new mini computer I am worried about upgrading 
>> some of my windows 10 computers to 11. If you go through some contortions MS 
>> is going to provide defender upgrades but it appears you also have to have 
>> Microsoft accounts rather than local accounts.  Why not forget defender and 
>> go to a commercial antivirus?  So I would have pay for a license but that I 
>> am not concerned about that.
>>
> 
> Commercial vendors will quickly drop Win10 support. 
> 

Some in fact, already did. There were a number of computers
with no drivers for Windows 10, and this is happening well before
Windows 10 is done and dusted.

AV do not drop their support immediately. You can continue
to subscribe to third party ones, if you want. There are
free ones of that nature you can use as well, but the bloat
in them ("I include My Secure Browser") are a wee bit of
an acquired taste. I can't stand that approach to software
design, the throwing in of an unnecessary ice cube maker.

The practices then, are topic-related. Each area can have
a different policy for you to discover.

   Paul

[toc] | [prev] | [next] | [standalone]


#186740

From"J. P. Gilliver" <G6JPG@255soft.uk>
Date2025-08-13 12:04 +0100
Message-ID<107hrgd$3ldm0$3@dont-email.me>
In reply to#186735
On 2025/8/13 7:48:8, Paul wrote:
> On Wed, 8/13/2025 2:34 AM, Chris wrote:
>> Bill Bradshaw <bradshaw@gci.net> wrote:

[]

>>> Microsoft accounts rather than local accounts.  Why not forget defender and 
>>> go to a commercial antivirus?  So I would have pay for a license but that I 
>>> am not concerned about that.
>>>
>>
>> Commercial vendors will quickly drop Win10 support. 
>>
> 
> Some in fact, already did. There were a number of computers
> with no drivers for Windows 10, and this is happening well before
> Windows 10 is done and dusted.
> 
> AV do not drop their support immediately. You can continue

Indeed. I can see (e. g.) driver manufacturers dropping support for
older OSs - they (or their paymasters) are in the business of selling
new hardware after all. But AV seem to maintain support _well_ after
EOS: I'm not using my Windows 7 machine at the moment, but that was
certainly getting AV updates until a year ago, and may still.

> to subscribe to third party ones, if you want. There are
> free ones of that nature you can use as well, but the bloat
> in them ("I include My Secure Browser") are a wee bit of
> an acquired taste. I can't stand that approach to software
> design, the throwing in of an unnecessary ice cube maker.

I agree the nagware/fakery is irritating, but - for something free - it
hasn't for me reached my threshold of making me remove it. By fakery, I
mean - I have AVG - the way it says something like "you have ten
security risks", and then _pretends_ to go through a process of finding
them.)>
> The practices then, are topic-related. Each area can have
> a different policy for you to discover.
> 
>    Paul
Yes, I wonder why AV vendors _do_ support older OSs; one presumes they
find they still get enough revenue (from people who take up the paid
version) to make it worth while (plus a smidgin of good PR). Of course,
if done properly rather than lazily, continuing to support older OSs
_shouldn't_ involve much overhead anyway.
-- 
J. P. Gilliver. UMRA: 1960/<1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

Everyone learns from science. It all depends how you use the knowledge.
- "Gil Grissom" (CSI).

[toc] | [prev] | [next] | [standalone]


#186744

Fromdillinger <dillinger@invalid.not>
Date2025-08-13 20:38 +0200
Message-ID<9l2vml-ri7p2.ln1@spock.lan>
In reply to#186666
On 8/11/2025 6:37 PM, Bill Bradshaw wrote:
> After using Windows 11 on a new mini computer I am worried about upgrading
> some of my windows 10 computers to 11. If you go through some contortions MS
> is going to provide defender upgrades but it appears you also have to have
> Microsoft accounts rather than local accounts.  Why not forget defender and
> go to a commercial antivirus?  So I would have pay for a license but that I
> am not concerned about that.
> 
> <Bill>
> 
> 
Your Windows will not be patched anymore, this is not the same as 
dropping defender updates, they will likely continue, at least until IOT 
Enterprise 2021 runs out of support.
FWIW, defender still is updated on Windows 8.1 today, more than 2.5 
years after W8 EOL.

[toc] | [prev] | [next] | [standalone]


#186750

FromBloody Microshit <invalid@invalid.invalid>
Date2025-08-14 00:33 +0100
Message-ID<107j7vh$jl4k$1@paganini.bofh.team>
In reply to#186744
On 13/08/2025 19:38, dillinger wrote:
> On 8/11/2025 6:37 PM, Bill Bradshaw wrote:
>> After using Windows 11 on a new mini computer I am worried about 
>> upgrading
>> some of my windows 10 computers to 11. If you go through some 
>> contortions MS
>> is going to provide defender upgrades but it appears you also have to 
>> have
>> Microsoft accounts rather than local accounts.  Why not forget 
>> defender and
>> go to a commercial antivirus?  So I would have pay for a license but 
>> that I
>> am not concerned about that.
>>
>> <Bill>
>>
>>
> Your Windows will not be patched anymore, this is not the same as 
> dropping defender updates, they will likely continue, at least until IOT 
> Enterprise 2021 runs out of support.
> FWIW, defender still is updated on Windows 8.1 today, more than 2.5 
> years after W8 EOL.


I can't get this update:

<https://support.microsoft.com/en-gb/topic/kb5021123-description-of-the-security-update-for-sql-server-2012-sp4-gdr-february-14-2023-74a1bd4d-63c0-41a5-8c9a-12e6b9f9ef43>

Microsoft wants me to pay for it.

Bloody Microshit!!!

[toc] | [prev] | [standalone]


Page 2 of 2 — ← Prev page 1 [2]

Back to top | Article view | alt.comp.os.windows-10


csiph-web