• Windows 10 EOL -- "no updates" applies for antivirus?

    From Stan Brown@21:1/5 to All on Fri Jun 27 10:23:34 2025
    Specifically, will Windows Defender Antivirus continue to get new
    virus definitions, and if so is that enough to protect us? Or should
    I go back to third-party antivirus when I continue using Windows 10
    after EOL?


    --
    After using my real address in 37 years of Usenet articles,
    I am now reluctantly posting a fake address because of the
    large number of sites scraping Usenet articles without
    permission and putting them on their own pretend forum sites.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Paul@21:1/5 to Stan Brown on Fri Jun 27 16:07:23 2025
    On Fri, 6/27/2025 1:23 PM, Stan Brown wrote:
    Specifically, will Windows Defender Antivirus continue to get new
    virus definitions, and if so is that enough to protect us? Or should
    I go back to third-party antivirus when I continue using Windows 10
    after EOL?



    If you look at the files-offered pattern there, you can see that
    signature scan capability can continue. Even if the
    automatic updating were to stop, you can manually load
    one of those files.

    https://www.microsoft.com/en-us/wdsi/defenderupdates

    A third party tool might have better or worse "heuristic analysis"
    which is for new threats, for which a signature is not available.
    MalwareBytes started as a business, by offering heuristic-only
    analysis. They back-filled with signatures later. Cisco TALOS
    managed "ClamAV" is a source of signatures. Plus, while everyone
    will in their own way include ClamAV, there will also be additional
    signatures, as samples from Virustotal are processed by the companies
    who have the staff skilled enough to do it.

    You might search through the AV-Comparatives, to see if the
    AV companies have anything of real value. ESET for example, used
    to be good at one time (had some heuristic protection).

    Your own sense of OPSEC is a start. Double clicking email attachments
    is an attack surface. Your web browser, has had some amount of
    features added (but since a Black Hat can test and tune against the
    browser, there are no guarantees there). When you view a Youtube movie,
    chances are that is in a separate "container" in one running process,
    and uses the GPU for conversion to pixels. The idea being, the container
    does not have the same interpretive power and attack surface as the
    main process.

    But other attack paths, say someone takes control of your router,
    there is always a potential for a worm of some sort.

    When malware shows up at your door, it is "driven by motivation".
    Most of the motivation in 2025, is to "make money". Ransomware,
    while not a particularly good business model (too much tech support
    to make the model work), is a possibility.

    Items like "Sality", were invented for mass destruction. That one
    might have been worm-able, so could attack any machines looking
    at the LAN at the moment. They don't make too many of those.
    You could express your outrage about some topic as a Black Hat, by doing
    one of those. I would guess, that's a possibility. A lot of malware
    attacks, were reversible. Sality is an exception (some code is removed
    and replaced with something else -- all executables present are ruined).

    Rootkits, the popularity of those changes with time, and the
    squirrel behavior of the OS is hard to distinguish from one of those.
    "TDSSKiller" was an example of a custom removal tool.

    Summary: The defenders are losing, a bit. The OS is a bit harder to
    attack, but has a good-sized attack surface. Most of your
    "Protection" is from signatures. There is "0Patch" as a
    vendor of security patches, but they do not promise to write
    a patch for each and every CVE. They can only deliver the ones
    they understand. Your Wile E Coyote umbrella isn't that big,
    and the supply of overhead rocks seems un-ending. Your OPSEC helps
    a bit, but the browser is the final arbiter of how safe you are.
    Firefox has stack-smashing detection code, and all that means
    is a Black Hat sits there and works on it, until they get past it.

    If you are a click-monkey and untrainable (keep clicking the
    Ad-Choice items), then you may well benefit from using ESET for
    a couple years. If you've been running all this time with
    Windows Defender and signatures (and not that much heuristic
    protection), you'll be about as safe as you ever were.

    With a rolling release, bugs are added just as fast as they
    are removed. If someone wanted you tipped over, even a
    "supported customer" gets tipped over. Maybe you are marginally
    easier to tip over, if you double click that attachment with your
    Windows 10 patch-state.

    The most likely outcome, is you are reduced at some point to
    "using Pale Moon", and maybe that would be easier to tip over
    than some other browser. Hard to say.

    Paul
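
A way to check the point made in the reply above, that signature updates keep arriving and can be loaded by hand if automatic updating stops. This is an added example, not part of the original thread; it uses the Defender PowerShell cmdlets `Get-MpComputerStatus` and `Update-MpSignature`, and the three-day staleness threshold is an assumption.

```powershell
# Added example: report whether Defender definitions are still being refreshed
# on this machine, and request an update when they look stale.
# $MaxAgeDays is an assumed threshold, not a Microsoft recommendation.
param([int]$MaxAgeDays = 3)

function Get-DefenderSignatureHealth {
    param([int]$MaxAgeDays)
    $s = Get-MpComputerStatus
    [pscustomobject]@{
        AntivirusEnabled   = $s.AntivirusEnabled
        RealTimeProtection = $s.RealTimeProtectionEnabled
        EngineVersion      = $s.AMEngineVersion            # scan engine, updated separately
        SignatureVersion   = $s.AntivirusSignatureVersion
        LastUpdated        = $s.AntivirusSignatureLastUpdated
        AgeDays            = $s.AntivirusSignatureAge
        Stale              = ($s.AntivirusSignatureAge -gt $MaxAgeDays)
    }
}

$before = Get-DefenderSignatureHealth -MaxAgeDays $MaxAgeDays

if (-not $before.AntivirusEnabled) {
    # Typical when a third-party antivirus has registered itself instead.
    Write-Warning 'Defender is not the active antivirus; its signature age may not matter.'
}

if ($before.Stale) {
    Write-Warning "Definitions are $($before.AgeDays) days old; requesting an update."
    try {
        Update-MpSignature -ErrorAction Stop
    } catch {
        Write-Warning "Automatic update failed: $($_.Exception.Message)"
        Write-Warning 'Load a package manually from the defenderupdates page instead.'
    }
}

# Re-read the status so the report reflects the result of the update attempt.
$after = Get-DefenderSignatureHealth -MaxAgeDays $MaxAgeDays
$after | Format-List

# Non-zero exit lets a scheduled task flag a machine whose definitions stopped moving.
if ($after.Stale) { exit 1 } else { exit 0 }
```

Fresh definitions only show that signature delivery still works; the check says nothing about missing operating system patches.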

  • From Java Jive@21:1/5 to Stan Brown on Sat Jun 28 00:22:44 2025
    On 2025-06-27 18:23, Stan Brown wrote:
    Specifically, will Windows Defender Antivirus continue to get new
    virus definitions, and if so is that enough to protect us? Or should
    I go back to third-party antivirus when I continue using Windows 10
    after EOL?

    I'm still getting Windows Defender updates for Win7, so I doubt that
    Win10 would be a problem.

    --

    Fake news kills!

    I may be contacted via the contact address given on my website:
    www.macfh.co.uk

  • From Paul in Houston TX@21:1/5 to Java Jive on Fri Jun 27 19:29:50 2025
    Java Jive wrote:
    On 2025-06-27 18:23, Stan Brown wrote:
    Specifically, will Windows Defender Antivirus continue to get new
    virus definitions, and if so is that enough to protect us? Or should
    I go back to third-party antivirus when I continue using Windows 10
    after EOL?

    I'm still getting Windows Defender updates for Win7, so I doubt that
    Win10 would be a problem.

    Same here.

  • From Windows 11 User@21:1/5 to Stan Brown on Sat Jun 28 00:49:45 2025
    On 27/06/2025 18:23, Stan Brown wrote:
    Specifically, will Windows Defender Antivirus continue to get new
    virus definitions,

    This will continue in the same way as Windows 7 users continued to get
    free upgrades. New users of Windows 10 or users doing a clean install
    might struggle because Windows Defender/Windows Security might not be
    available to download. However, this may not apply because Windows 10
    came bundled with Windows Defender.

    and if so is that enough to protect us? Or should
    I go back to third-party antivirus when I continue using Windows 10
    after EOL?


    Windows Defender will be as good as it is at present. There is no way
    Microsoft will recreate it for Windows 10 users.

    However, Microsoft is giving away a free upgrade to Windows 10 security
    to individuals if they meet certain conditions. I suggest reading their
    recent blog at this link:

    <https://blogs.windows.com/windowsexperience/2025/06/24/stay-secure-with-windows-11-copilot-pcs-and-windows-365-before-support-ends-for-windows-10/>

    Scroll down until you reach the section that says:

    "Windows 10 Extended Security Updates: A bridge to your Windows 11
    experience"

    Read it line by line and try to digest it. Alternatively, just pay $30
    USD (local pricing may vary) and be protected for one year until October
    2026.

    You can use this one year to examine your options to go forward after
    October 2026.

    You should really be looking towards moving to Windows 12 as that will
    be the future. Skip Windows 11 altogether!

  • From Stan Brown@21:1/5 to Paul on Sat Jun 28 09:31:12 2025

    On Fri, 6/27/2025 1:23 PM, Stan Brown wrote:
    Specifically, will Windows Defender Antivirus continue to get new
    virus definitions, and if so is that enough to protect us? Or should
    I go back to third-party antivirus when I continue using Windows 10
    after EOL?

    Thanks, Paul, for your analysis. Thanks also to the people who
    pointed out that Defender is getting updates even in Windows 7, so
    it'll probably get them in Windows 10.

    To Paul's point, I am not a click-monkey. I don't open attachments
    from strangers, and I don't assume that a message comes from the
    person or company in the From line. Before I do open an attachment, I
    scan it for malware.

    When I get what looks like a message from some company I do business
    with, and they include a handy button to click, I go instead to my
    saved bookmark for that company and then navigate to what I'm looking
    for.

    This, and a disinclination to visit torrents, gaming sites, and such,
    have kept me virus free for a lot of years. But I think I'll probably
    start using the free edition of Malwarebytes again for periodic
    scans, alongside of Microsoft's Defender for real-time protection,
    and with my habits I'll probably be as safe as anyone.

    Long term, I want to install Linux on my Windows 10 desktop. I'll
    need to rewrite a bunch of my TCCLE scripts (batch files), and I'll
    need to get Microsoft Excel working under Wine or else in a Windows
    virtual machine without Internet. All the Windows programs I use have
    acceptable native-Linux substitutes -- except Excel. In Excel I've
    written VBA routines in workbooks that I use almost every day, and I
    don't know of any Excel alternative that supports VBA.


    --
    After using my real address in 37 years of Usenet articles,
    I am now reluctantly posting a fake address because of the
    large number of sites scraping Usenet articles without
    permission and putting them on their own pretend forum sites.
