Even 12 years ago Defender was good.
You are correct. MSE was what came after OneCare. Which also helps answer OP’s question - initially, Defender was an anti-spyware software, not a full AV, and as such intentionally would not catch everything for being out of scope.
Although the first anti-spyware came earlier in 2005, before Vista. I think Vista already had Defender built-in, so that happened before 7, too. In any case, it was all baby steps to avoid making AV companies too angry. Microsoft also had the Malicious Software Removal Tool (MSRT) since 2005 and I didn’t mention that part but it also played a role in what they decided to cover.
So many people still say “well, a guy I knew 8 years ago who worked at a local tech shop said I should use Avast/McAfee/[insert AV here] so I will keep doing that”. It even is bleeding into games now; some mobile game I think is called PC Builder makes you install Avast to remove viruses. I’m glad people are finally starting to realize that Defender isn’t total crap.
following up on alerts instead of ignoring them.
Speaking of ignoring alerts, don’t allow any item(s) that proc up a generic thing like Win32:Spyware thinking it is nothing.
How Not To Secure Your Company (Target Data Breach)
The immutable laws of security
Also, the ransomware malware in question, I am thinking that the person(s) was using say Windows XP and failed to apply an update patch for things like EternalBlue/NotPetya exploit, correct?
Don’t put your security eggs all in one basket and fucking learn basic network security, like backups, user permissions, use a god damn firewall on a server, and following up on alerts instead of ignoring them
Hear, hear!
Clarification: Context matters. When I compare AVs, I’m not ruling out security practices. When I say, e.g., MSE is better than ESET Nod32, I don’t mean one can forgo firewalls.
The closest Microsoft ever came to criticism was its telemetry practices. The European Commission investigated Microsoft for espionage charges in 2017 and cleared it. (The same commission also investigated Kaspersky and TikTok and found them guilty.)
But tracking users in real time? Bullshit. Not even haters and trolls have accused Microsoft of that.
In addition, you can study AV-TEST.org’s results. Microsoft Antimalware has seen lows and highs, but overall, it has been one of the top performers.
I have 25 years of IT experience and an IT certification (MCSE, Security Specialization). During my tenure, I’ve repeatedly battled malware. So, I speak from experience.
Yeah maybe I focused a bit too much on the “12 years ago”.
It is oddly ambiguous though. The obvious answer is “it just got improved upon enough”. But I assume OP is looking for a more specific answer (?).
I agree with most of what you said. There is only a minor matter.
In any case, it was all baby steps to avoid making AV companies too angry.
I don’t know. IMHO, the threat of litigation is folklore. While the PR from AV companies seems aggressive, their legal teams probably knew how a judge would see their litigation: A new player wants to enter the AV market, and the old players are trying to block the new blood, even if it means gaming the system.
These were all Windows 10 or 11 machines. A domain client presumably got infected and 25 TB of file shares went down the drain, with 600 GB of law firm data exfiltrated. The FBI got involved - hackers wanted almost a million dollars in payment.
I warned the people higher up than me that we were getting virus alerts, which then started multiplying with newer, different infections on the data host (win server 2016 - possibly 2019). I logged in and saw it had never been updated (as in updates were disabled) and even the built-in firewall was off. Went completely ignored.
Since the server itself was infected, not just the file shares, we had to restore from backups. A perfect storm, and the lead tech had the audacity to get pissed off at me when I pointed out that even basic prevention mechanisms were not enabled because I hurt his wittle feewings. (he had set up the server, it turns out).
The reasoning behind what I said/wrote is that no one is going to know the OS as well as the developers that are responsible for its security architecture, and Webroot’s failure to contain said ransomware further cements that notion.
However, to your point, AV should be the last line of defense, so oftentimes it’s comparing apples to apples, and when it comes to that, I’d rather get the apple from the same orchard the farmer selling it grew it on rather than the other guy… that analogy got a little screwed up, but I think you get the point.
Politics are irrelevant here. Dark Patterns are everywhere in Windows, Office, and Defender. Dark Patterns alone are enough to prove malicious intent. These things are attempted to be forced without options for the end user. Aka a rootkit. There is telemetry attempted to be forced in every aspect of Microsoft products and they certainly are using that data to tailor the adware built into those products.
Yep. I’m a software engineer so I figure it would have improved. But in the last year or so, I keep hearing it’s all you need. And having the specification as to why would help me make an informed choice.
Today, maybe - OSs include browsers and security features by the ton. But not at the time. Microsoft was working under the restrictions of their antitrust case which fully expired only in 2011. So, in the mid-2010s, the threats had more teeth and there was much more reason to believe the US government could get involved to enforce their own judgment if Microsoft offered a full competing product bundled with their OS.
Also at the time, AVs were ignoring some of the spyware threat, in part because adware/spyware companies were businesses with their own lawyers. Symantec had to settle a lawsuit so they could keep removing Hotbar. I wouldn’t be surprised if AV companies were at first kind of happy that Microsoft would deal with that problem for home users, but it also made it harder for the larger companies to complain about unfair competition.
The only thing absent from that crazy rambling, besides a mention of the Illuminati and the new world order, was your original accusation of tracking users in real time! That’s what I get for being nice to people like you.