Specifically, will Windows Defender Antivirus continue to get new
virus definitions, and if so is that enough to protect us? Or should
I go back to third-party antivirus when I continue using Windows 10
after EOL?
On 2025-06-27 18:23, Stan Brown wrote:
> Specifically, will Windows Defender Antivirus continue to get new
> virus definitions, and if so is that enough to protect us? Or should
> I go back to third-party antivirus when I continue using Windows 10
> after EOL?

I'm still getting Windows Defender updates for Win7, so I doubt that
Win10 would be a problem.

On Fri, 6/27/2025 1:23 PM, Stan Brown wrote:
> Specifically, will Windows Defender Antivirus continue to get new
> virus definitions, and if so is that enough to protect us? Or should
> I go back to third-party antivirus when I continue using Windows 10
> after EOL?

If you look at the files-offered pattern there, you can see that
signature scan capability can continue. Even if the
automatic updating were to stop, you can manually load
one of those files.

https://www.microsoft.com/en-us/wdsi/defenderupdates

A third party tool might have better or worse "heuristic analysis"
which is for new threats, for which a signature is not available.
Malwarebytes started as a business, by offering heuristic-only
analysis. They back-filled with signatures later. Cisco TALOS
managed "ClamAV" is a source of signatures. Plus, while everyone
will in their own way include ClamAV, there will also be additional
signatures, as samples from VirusTotal are processed by the companies
who have the staff skilled enough to do it.

You might search through the AV-Comparatives, to see if the
AV companies have anything of real value. ESET for example, used
to be good at one time (had some heuristic protection).

Your own sense of OPSEC is a start. Double clicking email attachments
is an attack surface. Your web browser has had some amount of
features added (but since a Black Hat can test and tune against the
browser, there are no guarantees there). When you view a YouTube movie,
chances are that is in a separate "container" in one running process,
and uses the GPU for conversion to pixels. The idea being, the container
does not have the same interpretive power and attack surface as the
main process.

But other attack paths, say someone takes control of your router,
there is always a potential for a worm of some sort.

When malware shows up at your door, it is "driven by motivation".
Most of the motivation in 2025 is to "make money". Ransomware,
while not a particularly good business model (too much tech support
to make the model work), is a possibility.

Items like "Sality" were invented for mass destruction. That one
might have been worm-able, so could attack any machines looking
at the LAN at the moment. They don't make too many of those.
You could express your outrage about some topic as a Black Hat, by doing
one of those. I would guess, that's a possibility. A lot of malware
attacks were reversible. Sality is an exception (some code is removed
and replaced with something else -- all executables present are ruined).

Rootkits, the popularity of those changes with time, and the
squirrel behavior of the OS is hard to distinguish from one of those.
"TDSSKiller" was an example of a custom removal tool.

Summary: The defenders are losing, a bit. The OS is a bit harder to
attack, but has a good-sized attack surface. Most of your
"Protection" is from signatures. There is "0Patch" as a
vendor of security patches, but they do not promise to write
a patch for each and every CVE. They can only deliver the ones
they understand. Your Wile E Coyote umbrella isn't that big,
and the supply of overhead rocks seems unending. Your OPSEC helps
a bit, but the browser is the final arbiter of how safe you are.
Firefox has stack-smashing detection code, and all that means
is a Black Hat sits there and works on it, until they get past it.

If you are a click-monkey and untrainable (keep clicking the
Ad-Choice items), then you may well benefit from using ESET for
a couple years. If you've been running all this time with
Windows Defender and signatures (and not that much heuristic
protection), you'll be about as safe as you ever were.

With a rolling release, bugs are added just as fast as they
are removed. If someone wanted you tipped over, even a
"supported customer" gets tipped over. Maybe you are marginally
easier to tip over, if you double click that attachment with your
Windows 10 patch-state.

The most likely outcome is you are reduced at some point to
"using Pale Moon", and maybe that would be easier to tip over
than some other browser. Hard to say.

Paul
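
An added example, not part of Paul's post: the manual-load fallback he describes only helps if you notice that automatic definition updates have stopped, so this PowerShell check reports Defender's signature age and attempts an update when the definitions are stale. The function name and the 3-day threshold are assumptions; the cmdlets are the Defender module's own `Get-MpComputerStatus` and `Update-MpSignature`.

```powershell
# Added example, not from the thread. Test-DefenderSignatureFreshness and
# the 3-day threshold are illustrative assumptions.
function Test-DefenderSignatureFreshness {
    [CmdletBinding()]
    param(
        # Assumed threshold: definitions older than this count as stale.
        [int]$MaxAgeDays = 3
    )

    $before = Get-MpComputerStatus
    $updateError = $null

    if ($before.AntivirusSignatureAge -gt $MaxAgeDays) {
        try {
            # Ask Defender to pull definitions from its configured sources.
            Update-MpSignature -ErrorAction Stop
        } catch {
            # Keep the reason so a blocked or retired update path is visible.
            $updateError = $_.Exception.Message
        }
    }

    $after = Get-MpComputerStatus
    [pscustomobject]@{
        AntivirusEnabled   = $after.AntivirusEnabled
        RealTimeProtection = $after.RealTimeProtectionEnabled
        EngineVersion      = $after.AMEngineVersion
        SignatureVersion   = $after.AntivirusSignatureVersion
        LastUpdated        = $after.AntivirusSignatureLastUpdated
        AgeDays            = $after.AntivirusSignatureAge
        VersionChanged     = $after.AntivirusSignatureVersion -ne $before.AntivirusSignatureVersion
        Stale              = $after.AntivirusSignatureAge -gt $MaxAgeDays
        UpdateError        = $updateError
    }
}

$result = Test-DefenderSignatureFreshness -MaxAgeDays 3
$result | Format-List

if ($result.Stale) {
    # Fallback from the post: load a definition package by hand.
    Write-Warning 'Definitions still stale: download a package from the defenderupdates page and run it manually.'
}
```

Run it from a scheduled task so a silent stop in definition delivery shows up as a growing `AgeDays` value instead of going unnoticed.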