
Microsoft's Antivirus Scores Soar

By Neil J. Rubenking, Principal Writer, Security


Will the air bags in your car protect you in a crash? You could drive the car into a bridge abutment to find out, but you probably won't. Instead, you rely on the NHTSA to run crash tests and ensure that car makers are installing the air bags correctly. In the same way, you really don't want to test your antivirus by subjecting it to active malware. Leave that sort of testing to the independent labs around the world; they know what they're doing! Microsoft's free antivirus has been a perpetual sad sack in these lab tests, but recent reports suggest that may be changing.

Located in Magdeburg, Germany, AV-Test Institute is a well-respected lab. The institute takes advantage of its proximity to such scientific organizations as the Fraunhofer Institute for Factory Operation and Automation IFF, the Max Planck Institute for Dynamics of Complex Technical Systems, and the Otto-von-Guericke University of Magdeburg. With this last institution in particular, AV-Test supervises scientific final-year theses and offers course-related internships.

Threefold Evaluation
The researchers at AV-Test realize that there's more to antivirus than detecting and eliminating malware. An effective antivirus also must refrain from erroneously identifying valid programs or websites as malicious. And of course, it can't slow system performance by hogging resources. To address these criteria, they rate each antivirus on protection against malware, low impact on performance, and usability, meaning few or no false positives.

An antivirus can earn six points in each of the three categories, for a maximum total score of 18. In order to receive AV-Test certification, the product needs a total of at least 10 points, and can't have a zero in any of the three criteria.

Sinking Scores
Fully half of the 22 products included in this test scored worse than in the previous round of testing. Losses ranged from 0.5 points to 1.5 points. Even perpetual winner Kaspersky dropped from a perfect 18 to 17.5 points. This time around, only Bitdefender scored 18 points.

I asked AV-Test's CEO, Andreas Marx, if he had any thoughts about why this might be. He pointed out that in general it's not uncommon for protection scores to go up or down a half-point. However, he suggested that the biggest reason for a decline is that this test ran under Windows 7 while the previous test used Windows 8, and "Windows 7 behaves very differently when compared with Windows 8.1 or Windows 10." The next report from this lab will be the first using Windows 10.

Microsoft Makes Good
Other than ESET going from 14 to 14.5 points, Microsoft was the only success story this time around. Its 9.5-point score in the previous test didn't even make the cutoff for certification. This time around, Microsoft brought up its protection score by 2.5 points and its performance score by 2.0 points, for a new total of 14 points overall.

Because Microsoft's antivirus comes free with Windows, AV-Test and other labs treat it as a baseline. A third-party product that doesn't do as well as the baseline is in trouble. AhnLab and Comodo barely matched the baseline, while Chinese antivirus Quick Heal dropped below, with 13 points.

Does this mean you can rely on Microsoft's built-in protection and ditch your antivirus? That may be a bit premature. It did raise the protection score by 2.5 points, but even with that its protection score is just three of a possible six points. More than half of the products tested earned the full six points for protection.

On the other hand, Microsoft also did well in the latest report from Dennis Technology Labs. In the past, Microsoft has famously flunked this real-world test, earning below-zero scores. In the latest test, Microsoft managed AA certification, the second-highest rating.

One thing's for sure. The fact that modern Windows versions offer some degree of antivirus protection even for users who are oblivious to the need is a good thing. If that protection starts to approach the effectiveness of third-party products, the end result can only be good for consumers.

Image courtesy of Flickr User ToddABishop.

About Our Expert

Neil J. Rubenking

Principal Writer, Security

My Experience

When the IBM PC was new, I served as the president of the San Francisco PC User Group for three years. That’s how I met PCMag’s editorial team, who brought me on board in 1986. In the years since that fateful meeting, I’ve become PCMag’s expert on security, privacy, and identity protection, putting antivirus tools, security suites, and all kinds of security software through their paces.

Before my current security gig, I supplied PCMag readers with tips and solutions on using popular applications, operating systems, and programming languages in my "User to User" and "Ask Neil" columns, which began in 1990 and ran for almost 20 years. Along the way, I wrote more than 40 utility articles, as well as Delphi Programming for Dummies and six other books covering DOS, Windows, and programming. I also reviewed thousands of products of all kinds, ranging from early Sierra Online adventure games to AOL’s precursor Q-Link.

In the early 2000s, I turned my focus to security and the growing antivirus industry. After years of working with antivirus, I’m known throughout the security industry as an expert on evaluating antivirus tools. I serve as an advisory board member for the Anti-Malware Testing Standards Organization (AMTSO), an international nonprofit group dedicated to coordinating and improving testing of anti-malware solutions.

The Technology I Use

Much of the testing I do, particularly testing with real-world ransomware, is just plain dangerous. To perform such tests safely, I sequester them inside virtual machines managed by VMware Workstation. For cross-platform testing, I use a MacBook Air, a Google Pixel 4, and a 6th-generation iPad.

I rely on my Delphi coding skills to create and maintain small applications. These include programs to check whether an antivirus correctly handled the malware it detected, launch dangerous URLs and record the security program’s reaction, and analyze the malware that I collect for use in testing. I also wrote a tiny browser and text editor for use in testing security apps that have predefined reactions for known products.

I do my writing and research on a Dell OptiPlex desktop, relying on Microsoft Word (my fingers know all the shortcuts). Many of my articles include charts and analysis; Excel is my go-to for those. When work hours end, though, I escape the bounds of Microsoft and Windows. There’s an iPhone in my pocket, I relax with my oversized iPad, and my Kindle Oasis is always loaded with the best science fiction and fantasy.
