Microsoft Defender is mighty impressive against ransomware


Let’s just say that Microsoft Defender, the flagship component of Windows Security, has had its ups and downs. Its performance and detection rate has been all over the place lately in tests and benchmarks.

But one thing where Defender has made a name for itself is in ransomware protection — malware that locks up your data requiring you to pay to get access back. And this is not surprising considering how well the security solution is entrenched in the OS itself.

The folks over at AV-TEST put this to test recently to find out just how well Microsoft Defender fares.

Describing its advanced ransomware test, the company states:

“The Advanced Threat Protection tests provide vendors and users with substantial findings as to how securely a product can protect against ransomware in real-life scenarios.

All the products have to successfully defend against ransomware in 10 real-life scenarios under Windows 10. The test involves threats such as files containing hidden malware in archives, PowerPoint files with scripts or HTML files with malicious content.”

A total of 12 products were put through the paces in the home user/consumer category, while 14 were tested in the business category.

Following images shows how Microsoft Defender conducted itself for home users in ten test scenarios.

It was able to detect the infection in the very first initial access phase in all but one case, which is very impressive. For business users, it went even better, detecting the infection in the initial phase in all the ten test scenarios.

The final scores obtained by the antimalware products are displayed in the images below.

Although, in this case, the scores don’t really mean much as the real observation in this test was to see just how quickly products can detect and successfully block the ransomware. Microsoft Defender passed it in flying colors, while competing solutions like McAfee and Trellix did not.