AV-Comparatives, an anti-malware assessment firm, recently released its latest report comparing popular anti-virus solutions on the market. Dubbed the “Real-World Protection Test”, the evaluation was last done in February-March 2023, when Microsoft Defender had performed extremely well. It was conducted on a Windows 10 64-bit PC.
The Real-World Protection test deals with web threats and is different from the company’s Malware Protection Test which is about malware executed on the system.
This time around, though, Defender has regressed in performance by what may be regarded as a somewhat significant amount. Last time, Defender had managed to block 99.8% of the malicious test cases; this time the blocked percentage fell to 99.2%, despite the number of test files being lower. In case you are wondering, the February-March report had 520 test cases, whereas this time around there are 254. The number of false positives came down to one as opposed to two last time, though percentage-wise it is probably similar due to the lower number of samples.
Over the year we evaluate several tens of thousands of malicious URLs. Unfortunately, many of these have to be discarded for various reasons. We remove duplicates such as the same malware hosted on different domains or IP addresses, sites already tested, “grey” or non-malicious sites/files, and malware/sites disappearing during the test. Many malicious URLs carrying exploits were not able to compromise the chosen system/applications because of the patch level. This means that the vulnerabilities in the third-party applications on the system were already patched and the exploits could therefore not deliver their malicious payload.
Alongside Defender, software from other major vendors such as Kaspersky, McAfee, Bitdefender, and ESET also fared worse than last time. Kaspersky's result in particular was really poor by comparison, as it had previously blocked 100% of cases with zero false positives.
The full result can be viewed in the image below:
The real star of the show this time seems to be F-Secure, which blocked 100% of the threats, though it still retained a very high number of false positives. The best of the lot were Avast and AVG, which are both based on the same engine; they blocked 100% of the malware samples and had only a single false positive. You can read about the full results on this page on AV-Comparatives’ website.