Windows Defender

Windows Defender
A component of Microsoft Windows

Windows Defender Antivirus, as appears in the Windows 10 Creators Update
Details
Type	Antivirus software on Windows 8 and later; formerly spyware removal software
Included with	Windows Vista and later, Windows Server 2016
Also available for	Windows XP and Windows Server 2003^[1]
Support status
Same as the version of Windows with which it is integrated
Related components
Microsoft Security Essentials Windows Defender Security Center

Windows Defender, officially called Windows Defender Antivirus in Windows 10 Creators Update, is an anti-malware component of Microsoft Windows. It was first released as a free antispyware program download for Windows XP, shipped with Windows Vista and Windows 7 and made into a full antivirus program replacing Microsoft Security Essentials as part of Windows 8 and later versions.

Basic features

Before Windows 8, Windows Defender protected against spyware.^[2] It included a number of real-time security agents that monitored several common areas of Windows for changes which might have been caused by spyware. It also included the ability to easily remove installed ActiveX software. Windows Defender featured integrated support for Microsoft SpyNet that allows users to report to Microsoft what they consider to be spyware, and what applications and device drivers they allow to be installed on their system. Protection against viruses was added in Windows 8; Windows Defender in Windows 8 resembles Microsoft Security Essentials (MSE) and uses the same virus definitions.

In Windows 10, Windows Defender settings are controlled by the Settings app, and the Settings button opens the Settings app. In the Windows 10 Anniversary Update, toast notifications appear to announce the results of a scan, even if no viruses are found. The same update introduced a new flat logo.^[3]

History

Beta

Microsoft AntiSpyware Beta 1 (Version 1.0.701)

Windows Defender is based on GIANT AntiSpyware, which was originally developed by GIANT Company Software, Inc. The company's acquisition was announced by Microsoft on December 16, 2004.^[4]^[5] While the original GIANT AntiSpyware supported older Windows versions, support for the Windows 9x line of operating systems was later dropped.

The first beta version of Microsoft AntiSpyware was released on January 6, 2005 and was basically a repackaged GIANT AntiSpyware.^[4] More builds were released in 2005, with the last Beta 1 refresh released on November 21, 2005.

At the 2005 RSA Security conference, Chief Software Architect and co-founder of Microsoft, Bill Gates, announced that Windows Defender (which was known as Microsoft AntiSpyware prior to November 4, 2005) would be made available free of charge to all validly licensed Windows 2000, Windows XP, and Windows Server 2003 users to help secure their systems against the increasing malware threat.^[6]

Windows Defender (Beta 2) was released on February 13, 2006. It featured the program's new name and a significant user interface redesign. The core engine was rewritten in C++, unlike the original GIANT-developed one, which was written in Visual Basic.^[7] This improved the application's performance. Also, since beta 2, the program works as a Windows service, unlike earlier releases, which enables the application to protect the computer even when a user is not logged on. Beta 2 also requires Windows Genuine Advantage validation. However, Windows Defender (Beta 2) did not contain some of the tools found in Microsoft AntiSpyware (Beta 1); Microsoft removed the System Inoculation, Secure Shredder and System Explorer tools found in MSAS (Beta 1) as well as the Tracks Eraser tool, which allowed users to easily delete many different types of temporary files related to Internet Explorer 6, including HTTP cookies, web cache, and Windows Media Player playback history.^[4] Microsoft later released German and Japanese versions of Windows Defender (Beta 2).^[8]^[9]

General availability

On October 24, 2006, Microsoft released Windows Defender. It supports Windows XP and Windows Server 2003; however, unlike the betas, it does not run on Windows 2000.^[10]

Conversion to antivirus

Windows Defender was released with Windows Vista and Windows 7, serving as their built-in antispyware component. In Windows Vista and Windows 7, Windows Defender was superseded by Microsoft Security Essentials, an antivirus product from Microsoft which provided protection against a wider range of malware. Upon installation, Microsoft Security Essentials disabled and replaced Windows Defender.^[11]^[12]^[13] In Windows 8, Microsoft upgraded Windows Defender into an antivirus program very similar to Microsoft Security Essentials for Windows 7^[14] and using the same virus definition updates. MSE itself does not run on Windows versions beyond 7. In Windows 8 and Windows 10, Windows Defender is on by default. It switches itself off upon installation of a third party anti-virus package.^[15]

Starting with Windows 10, Microsoft began to transfer the control of Windows Defender out of its native client. Initially, its "Settings" dialog box was replaced by dedicated page in the Settings app. In Windows 10 Creators Update, Windows Defender is renamed Windows Defender Antivirus to distinguish it from Windows Defender Security Center. The latter has become the default avenue to interface with Windows Defender.^[16] While there is no shortcut on the Start menu for Windows Defender's native client, it can still run.^[17]^[18]

Advanced features

Windows Defender successfully blocks the EICAR test file

Real-time protection: In the Windows Defender options, the user can configure real-time protection options.
Browser integration: Integration with Internet Explorer and Microsoft Edge enables files to be scanned as they are downloaded to detect malicious software inadvertently downloaded. Although it does not integrate with non-Microsoft web browsers, Windows Defender scans for malicious downloaded files as part of its real-time protection.

Windows 10's Anniversary Update introduced Limited Periodic Scanning, which optionally allows Windows Defender to scan a system periodically if another antivirus app is installed.^[19] It also introduced Block at First Sight, which uses machine learning to predict whether a file is malicious.^[20]

Windows Vista-specific functionality

Windows Defender had additional functionality in Windows Vista which was removed in subsequent versions of Windows.

Security agents: Security agents monitor the computer for malicious activities.

Auto Start – Monitors lists of programs that are allowed to automatically run when the user starts the computer
System Configuration (settings) – Monitors security-related settings in Windows
Internet Explorer Add-ons – Monitors programs that automatically run when the user starts Internet Explorer
Internet Explorer Configurations (settings) – Monitors browser security settings
Internet Explorer Downloads – Monitors files and programs that are designed to work with Internet Explorer
Services and Drivers – Monitors services and drivers as they interact with Windows and programs
Application Execution – Monitors when programs start and any operations they perform while running
Application Registration – Monitors tools and files in the operating system where programs can register to run at any time
Windows Add-ons – Monitors add-on programs for Windows

Software Explorer: The Advanced Tools section allows users to discover potential vulnerabilities with a series of Software Explorers. They provide views of startup programs, currently running software, network connected applications, and Winsock providers (Winsock LSPs). In each Explorer, every element is rated as either "Known", "Unknown" or "Potentially Unwanted". The first and last categories carry a link to learn more about the particular item, and the second category invites users to submit the program to Microsoft SpyNet for analysis by community members.^[21]^[22] The Software Explorer feature has been removed from Windows Defender in Windows 7.^[23]

Notification of startup programs that run as an administrator: Windows Defender in Windows Vista automatically blocks all startup items that require administrator privileges to run (this is considered suspicious behavior for a startup item). This automatic blocking is related to the User Account Control functionality in Windows Vista, and requires users to manually run each of these startup items each time they log in if they desire the item to run at startup.^[24]

User interface: In Windows Vista, it is possible to close the window and have the program run in the system tray while a scan is running. However, in Windows 7, this functionality was removed and the window must remain open while a scan is running.

Windows Defender Offline

Windows Defender Offline (formerly known as Standalone System Sweeper Beta^[25]) is a bootable standalone antimalware program that runs from a bootable disk and is designed to scan infected systems while their operating systems are offline.^[26] Since Windows 10 Anniversary Update, offline functionality is integrated into the regular Windows Defender program.^[27]

Mitigated security vulnerability

On 5 May 2017, Tavis Ormandy, a vulnerability researcher for Google, discovered a security vulnerability in the JavaScript analysis module (NScript) of Microsft Antimalware Engine (MsMpEngine) that impacted Windows Defender, Microsoft Security Essentials and System Center Endpoint Protection. By 8 May 2017, Microsoft had released a patch to all affected systems. Ars Technica commended Microsoft for its unprecedented patching speed and said that the disaster had been averted.^[28]^[29]

References

↑ "Windows Defender". Download Center. Microsoft. 23 May 2007. Archived from the original on 29 April 2012.
↑ Shultz, Greg. "Windows Defender: Past, present, and future". Retrieved 13 June 2017.
↑ http://www.windowscentral.com/whats-new-windows-defender-windows-10-anniversary-update
1 2 3 Thurrot, Paul (6 October 2010). "Microsoft Windows Anti-Spyware Preview: Paul Thurott's SuperSite for Windows". SuperSite for Windows. Retrieved 26 November 2013.
↑ "Microsoft Acquires Anti-Spyware Leader GIANT Company". PressPass. Microsoft. December 16, 2004. Retrieved 11 November 2009.
↑ "Gates Highlights Progress on Security, Outlines Next Steps for Continued Innovation". PressPass. Microsoft Corporation. February 15, 2005. Retrieved 11 November 2009.
↑ Thurrott, Paul (14 February 2006). "Windows Defender Beta 2 Review: Paul Thurrott's SuperSite for Windows". SuperSite for Windows. Retrieved 26 November 2013.
↑ "Windows Defender: Startseite" (in German). Microsoft Corporation. Archived from the original on 30 January 2009. Retrieved 8 May 2011.
↑ "マイクロソフトセキュリティ At Home" (in Japanese). Microsoft Corporation. Archived from the original on 18 January 2010. Retrieved 8 May 2011.
↑ Thurrott, Paul (24 October 2006). "Finally, Microsoft Ships Windows Defender". Windows IT Pro. Retrieved 8 May 2011.
↑ Thurrott, Paul (18 June 2009). "Microsoft Security Essentials Public Beta". Paul Thurrott's SuperSite for Windows. Retrieved 8 May 2011.
↑ Hau, Kevin (23 June 2009). "Windows Defender and Microsoft Security Essentials". Microsoft Answers. Microsoft Corporation. Retrieved 8 May 2011.
↑ Marius, Marius Oiaga (30 August 2010). "Microsoft Security Essentials 1.0 and 2.0 Disable Windows Defender". Softpedia. SoftNews NET SRL. Retrieved 8 May 2011.
↑ Windows 8 Consumer Preview: Set Up Windows 8 with the Web Installer
↑ "Protect your PC". Support (12 ed.). Microsoft. 8 September 2016. Retrieved 14 December 2016.
↑ Lich, Brian (18 May 2017). "Windows Defender Antivirus in the Windows Defender Security Center app". docs.microsoft.com. Microsoft.
↑ Popa, Bogdan (24 August 2017). "Quick Tip: Use the Old Windows Defender in Windows 10 Creators Update". Softpedia. SoftNews.
↑ Williams, Wayne (24 August 2017). "How to get the classic Windows Defender back on Windows 10 Creators Update". BetaNews.
↑ http://www.windowscentral.com/whats-new-windows-defender-windows-10-anniversary-update
↑ http://betanews.com/2016/11/18/windows-10-block-at-first-sight-protection-in-windows-defender/
↑ "Using Software Explorer in Windows Defender". Support. Microsoft. Archived from the original on October 14, 2009. Retrieved April 26, 2017.
↑ O'Reilly, Dennis (April 22, 2008). "Software Explorer keeps unneeded apps from auto-starting". CNET. CBS Interactive. Retrieved May 9, 2015.
↑ Thurrott, Paul (October 6, 2010). "Windows 7 Annoyances". Supersite for Windows. Penton. Retrieved May 9, 2015.
↑ "Error message when you start a Windows Vista-based computer: 'Windows has blocked some startup programs'". Support. Microsoft. September 23, 2011. Archived from the original on April 7, 2015. Retrieved April 26, 2017.
↑ Microsoft Standalone System Sweeper
↑ "Windows Defender Offline". Microsoft.com. Microsoft. Retrieved 1 January 2012.
↑ "Help protect my PC with Windows Defender Offline" Microsoft. Accessed 4 October 2016
↑ Anthony, Sebastian (9 May 2017). "Massive vulnerability in Windows Defender leaves most Windows PCs vulnerable". Ars Technica. Condé Nast.
↑ "Microsoft Security Advisory 4022344". TechNet. Microsoft. 8 May 2017.

External links

Microsoft Security Portal

Microsoft security products
Numbers in brackets are the years of the initial release of the product.
For Windows	Windows Firewall [2001] Baseline Security Analyzer [2004] Malicious Software Removal Tool [2005] Windows Defender [2006] Microsoft SmartScreen [2006] Microsoft Security Essentials [2009] Microsoft Safety Scanner [2011]
For Windows Server	Exchange Online Protection [2007] System Center Data Protection Manager [2007] Identity Manager [2010]
Discontinued	MSAV [1993] Threat Management Gateway [1997] OneCare Safety Scanner [2006] Unified Access Gateway [2007] Windows Live OneCare [2006] RootkitRevealer [2006]
Related topics	Kernel Patch Protection Data Execution Prevention MS Antivirus (malware)

Microsoft Windows components

Management
tools

CDFS
DFS
exFAT
IFS
FAT
NTFS
- Hard link
- Junction point
- Mount Point
- Reparse point
- Symbolic link
- TxF
- EFS
ReFS
UDF
WinFS

Server

Architecture

Security

Compatibility

API

Games

Solitaire Collection

Discontinued

Games	3D Pinball Chess Titans FreeCell Hearts InkBall Hold 'Em Purble Place Reversi Spider Solitaire Solitaire Tinker
Apps	ActiveMovie Anytime Upgrade Address Book Backup and Restore Cardfile CardSpace Contacts Desktop Gadgets Diagnostics DriveSpace DVD Maker Easy Transfer Fax File Manager Food & Drink Help and Support Center Health & Fitness HyperTerminal Internet Explorer Journal Media Center Meeting Space Messaging Messenger Mobile Device Center Movie Maker NetMeeting NTBackup Outlook Express Travel Photo Gallery Program Manager Steps Recorder WinHelp Write
Others	ScanDisk File Protection Media Control Interface Next-Generation Secure Computing Base POSIX subsystem Interix Video for Windows Windows SideShow Windows Services for UNIX Windows System Assessment Tool

Spun off to
Windows Store

Antivirus software

Companies

Major	Agnitum Avast Software AVG Technologies Avira Bitdefender Comodo Dr. Web ESET F-Secure Kaspersky McAfee Microsoft Panda Quick Heal Qihoo 360 Sophos Symantec Trend Micro
Minor	AhnLab Cisco Check Point ClamWin Fortinet FRISK G Data Intego Kingsoft Lavasoft Malwarebytes TrustPort VirusBlokAda Webroot Zemana ZoneAlarm

Products

Desktop,
server

Mobile,
tablet

Comparison of antivirus software

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.