Specifically, will Windows Defender Antivirus continue to get new
virus definitions, and if so is that enough to protect us? Or should
I go back to third-party antivirus when I continue using Windows 10
after EOL?


--
After using my real address in 37 years of Usenet articles,
I am now reluctantly posting a fake address because of the
large number of sites scraping Usenet articles without
permission and putting them on their own pretend forum sites.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 6/27/2025 1:23 PM, Stan Brown wrote:

Specifically, will Windows Defender Antivirus continue to get new
virus definitions, and if so is that enough to protect us? Or should
I go back to third-party antivirus when I continue using Windows 10
after EOL?

If you look at the files-offered pattern there, you can see that
signature scan capability can continue. Even if the
automatic updating were to stop, you can manually load
one of those files.

https://www.microsoft.com/en-us/wdsi/defenderupdates

A third party tool might have better or worse "heuristic analysis"
which is for new threats, for which a signature is not available.
MalwareBytes started as a business, by offering heuristic-only
analysis. They back-filled with signatures later. Cisco TALOS
managed "ClamAV" is a source of signatures. Plus, while everyone
will in their own way include ClamAV, there will also be additional
signatures, as samples from Virustotal are processed by the companies
who have the staff skilled enough to do it.

You might search through the AV-Comparatives, to see if the
AV companies have anything of real value. ESET for example, used
to be good at one time (had some heuristic protection).

Your own sense of OPSEC is a start. Double clicking email attachments
is an attack surface. Your web browser, has had some amount of
features added (but since a Black Hat can test and tune against the
browser, there are no guarantees there). When you view a Youtube movie,
chances are that is in a separate "container" in one running process,
and uses the GPU for conversion to pixels. The idea being, the container
does not have the same interpretive power and attack surface as the
main process.

But other attack paths, say someone takes control of your router,
there is always a potential for a worm of some sort.

When malware shows up at your door, it is "driven by motivation".
Most of the motivation in 2025, is to "make money". Ransomware,
while not a particularly good business model (too much tech support
to make the model work), is a possibility.

Items like "Sality", were invented for mass destruction. That one
might have been worm-able, so could attack any machines looking
at the LAN at the moment. They don't make too many of those.
You could express your outrage about some topic as a Black Hat, by doing
one of those. I would guess, that's a possibility. A lot of malware
attacks, were reversible. Sality is an exception (some code is removed and replaced with something else -- all executables present are ruined).

Rootkits, the popularity of those changes with time, and the
squirrel behavior of the OS is hard to distinguish from one of those. "TDSSKiller" was an example of a custom removal tool.

Summary: The defenders are losing, a bit. The OS is a bit harder to
attack, but has a good-sized attack surface. Most of your
"Protection" is from signatures. There is "0Patch" as a
vendor of security patches, but they do not promise to write
a patch for each and every CVE. They can only deliver the ones
they understand. Your Wile E Coyote umbrella isn't that big,
and the supply of overhead rocks seems un-ending. Your OPSEC helps
a bit, but the browser is the final arbiter of how safe you are.
Firefox has stack-smashing detection code, and all that means
is a Black Hat sits there and works on it, until they get past it.

If you are a click-monkey and untrainable (keep clicking the
Ad-Choice items), then you may well benefit from using ESET for
a couple years. If you've been running all this time with
Windows Defender and signatures (and not that much heuristic
protection), you'll be about as safe as you ever were.

With a rolling release, bugs are added just as fast as they
are removed. If someone wanted you tipped over, even a
"supported customer" gets tipped over. Maybe you are marginally
easier to tip over, if you double click that attachment with your
Windows 10 patch-state.

The most likely outcome, is you are reduced at some point to
"using Pale Moon", and maybe that would be easier to tip over
than some other browser. Hard to say.

Paul

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2025-06-27 18:23, Stan Brown wrote:

Specifically, will Windows Defender Antivirus continue to get new
virus definitions, and if so is that enough to protect us? Or should
I go back to third-party antivirus when I continue using Windows 10
after EOL?

I'm still getting Windows Defender updates for Win7, so I doubt that
Win10 would be a problem.

--

Fake news kills!

I may be contacted via the contact address given on my website:
www.macfh.co.uk

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Java Jive wrote:

On 2025-06-27 18:23, Stan Brown wrote:

Specifically, will Windows Defender Antivirus continue to get new
virus definitions, and if so is that enough to protect us? Or should
I go back to third-party antivirus when I continue using Windows 10
after EOL?

I'm still getting Windows Defender updates for Win7, so I doubt that
Win10 would be a problem.

Same here.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 27/06/2025 18:23, Stan Brown wrote:

Specifically, will Windows Defender Antivirus continue to get new
virus definitions,

This will continue in the same way as Windows 7 users continued to get
free upgrades. New users of windows 10 or users doing a clean install
might struggle because Windows Defender/Windows Security might not be
available to download. However, this may not apply because Windows 10
came bundled with Windows Defender.

and if so is that enough to protect us? Or should
I go back to third-party antivirus when I continue using Windows 10
after EOL?

Windows defender will be as good as it is at present. There is no way
Microsoft will recreate it for Windows 10 users.

However, Microsoft is giving away free upgrade to Windows 10 security to individuals if they meet certain conditions. I suggest read their recent
blog at this link:

<https://blogs.windows.com/windowsexperience/2025/06/24/stay-secure-with-windows-11-copilot-pcs-and-windows-365-before-support-ends-for-windows-10/>

Scroll down until you reach the section that says:

"Windows 10 Extended Security Updates: A bridge to your Windows 11
experience"

Read it line by line and try to digest it. Alternatively, just pay $30
USD (local pricing may vary) and be protected for one year until October
2026.

You can use this one year to examine your options to go forward after
October 2026.

You should really be looking towards moving to Windows 12 as that will
be the future. Skip Windows 11 altogether!.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, 6/27/2025 1:23 PM, Stan Brown wrote:

Specifically, will Windows Defender Antivirus continue to get new
virus definitions, and if so is that enough to protect us? Or should
I go back to third-party antivirus when I continue using Windows 10
after EOL?

Thanks, Paul, for your analysis. Thanks also to the people who
pointed out that Defender is getting updates even in Windows 7, so
it'll probably get them in Windows 10.

To Paul's point, I am not a click-monkey. I don't open attachments
from strangers, and I don't assume that a message comes from the
person or company in the From line. Before I do open an attachment, I
scan it for malware.

When I get what looks like a message from some company I do business
with, and they include a handy button to click, I go instead to my
saved bookmark for that company and then navigate to what I'm looking
for.

This, and a disinclination to visit torrents, gaming sites, and such,
have kept me virus free for a lot of years. But I think I'll probably
start using the free edition of Malwarebytes again for periodic
scans, alongside of Microsoft's Defender for real-time protection,
and with my habits I'll probably be as safe as anyone.

Long term, I want to install Linux on my Windows 10 desktop. I'll
need to rewrite a bunch of my TCCLE scripts (batch files), and I'll
need to get Microsoft Excel working under Wine or else in a Windows
virtual machine without Internet. All the Windows programs I use have acceptable native-Linux substitutes -- except Excel. In Excel I've
written VBA routines in workbooks that I use almost every day, and I
don't know of any Excel alternative that supports VBA.


On Fri, 27 Jun 2025 16:07:23 -0400, Paul wrote:

If you look at the files-offered pattern there, you can see that
signature scan capability can continue. Even if the
automatic updating were to stop, you can manually load
one of those files.

https://www.microsoft.com/en-us/wdsi/defenderupdates

A third party tool might have better or worse "heuristic analysis"
which is for new threats, for which a signature is not available. MalwareBytes started as a business, by offering heuristic-only
analysis. They back-filled with signatures later. Cisco TALOS
managed "ClamAV" is a source of signatures. Plus, while everyone
will in their own way include ClamAV, there will also be additional signatures, as samples from Virustotal are processed by the companies
who have the staff skilled enough to do it.

You might search through the AV-Comparatives, to see if the
AV companies have anything of real value. ESET for example, used
to be good at one time (had some heuristic protection).

Your own sense of OPSEC is a start. Double clicking email attachments
is an attack surface. Your web browser, has had some amount of
features added (but since a Black Hat can test and tune against the
browser, there are no guarantees there). When you view a Youtube movie, chances are that is in a separate "container" in one running process,
and uses the GPU for conversion to pixels. The idea being, the container
does not have the same interpretive power and attack surface as the
main process.

But other attack paths, say someone takes control of your router,
there is always a potential for a worm of some sort.

When malware shows up at your door, it is "driven by motivation".
Most of the motivation in 2025, is to "make money". Ransomware,
while not a particularly good business model (too much tech support
to make the model work), is a possibility.

Items like "Sality", were invented for mass destruction. That one
might have been worm-able, so could attack any machines looking
at the LAN at the moment. They don't make too many of those.
You could express your outrage about some topic as a Black Hat, by doing
one of those. I would guess, that's a possibility. A lot of malware
attacks, were reversible. Sality is an exception (some code is removed and replaced with something else -- all executables present are ruined).

Rootkits, the popularity of those changes with time, and the
squirrel behavior of the OS is hard to distinguish from one of those. "TDSSKiller" was an example of a custom removal tool.

Summary: The defenders are losing, a bit. The OS is a bit harder to
attack, but has a good-sized attack surface. Most of your
"Protection" is from signatures. There is "0Patch" as a
vendor of security patches, but they do not promise to write
a patch for each and every CVE. They can only deliver the ones
they understand. Your Wile E Coyote umbrella isn't that big,
and the supply of overhead rocks seems un-ending. Your OPSEC helps
a bit, but the browser is the final arbiter of how safe you are.
Firefox has stack-smashing detection code, and all that means
is a Black Hat sits there and works on it, until they get past it.

If you are a click-monkey and untrainable (keep clicking the
Ad-Choice items), then you may well benefit from using ESET for
a couple years. If you've been running all this time with
Windows Defender and signatures (and not that much heuristic
protection), you'll be about as safe as you ever were.

With a rolling release, bugs are added just as fast as they
are removed. If someone wanted you tipped over, even a
"supported customer" gets tipped over. Maybe you are marginally
easier to tip over, if you double click that attachment with your
Windows 10 patch-state.

The most likely outcome, is you are reduced at some point to
"using Pale Moon", and maybe that would be easier to tip over
than some other browser. Hard to say.

Paul

--
After using my real address in 37 years of Usenet articles,
I am now reluctantly posting a fake address because of the
large number of sites scraping Usenet articles without
permission and putting them on their own pretend forum sites.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)