Anti-malware assessment company AV-Comparatives has released its latest September 2022 report today. The report has found that Microsoft's in-house Defender antivirus has one of the poorest offline detection rates at just 69.8%. Meanwhile, G DATA has topped the chart with 96.0%. This means Microsoft Defender relies heavily on cloud-based protection. Although this is really poor compared to the other contenders, the result is significantly better than what Defender managed to do in the previous March test.
On the contrary, the online detection and protection rates for the Microsoft product are among the best. In case you are wondering what the difference between protection and detection is, here's how AV-Comparatives defines the two:
The File Detection Test we performed in previous years was a detection-only test. That is to say, it only tested the ability of security programs to detect a malicious program file before execution.
This Malware Protection Test checks not only the detection rates, but also the protection capabilities, i.e. the ability to prevent a malicious program from actually making any changes to the system.
You can find the full comparison of the various anti-malware solutions for offline and online detection rates, as well as the protection rates in the image below:
As you may have noticed above, Defender not only has one of the worst offline detections, it also suffers from a lot of false positive alarms. This is something Defender has been struggling with for a while, as we have had several instances of it recently. This is despite Microsoft openly expressing it wanted to improve in this aspect.
Thankfully for Microsoft, it also got compromised in just 1 out of 10,019 malware sample cases. Meanwhile, Trend Micro did worst of all, as it has 259 compromises. The products have been classified in clusters (either 1, 2, 3, or 4) depending on their protection rates:
Here is the full test results showing the breakdown of each of the percentage categories - compromised, user-dependent, blocked, and false positives:
Lastly, we have the final rankings of all the products. The rankings are based on how the anti-malware solutions have done with respect to their statistical clusters assigned (image above) and the total false positives detected.
Defender managed to score the ADVANCED+ award last time, but this time has to settle for ADVANCED. AV-Comparatives has, however, acknowledged that the very high number of false positives has affected this.
Source: AV-Comparatives
61 Comments - Add comment