AV-Comparatives, an anti-malware assessment company, recently published its latest report comparing popular antivirus solutions on the market. Dubbed the “Real World Protection Test”, the assessment was last carried out in February-March 2023, when Microsoft Defender delivered extremely good performance. The test was conducted on a Windows 10 64-bit computer.
The Real-World Protection test deals with Internet threats and is different from the company’s Malware Protection test, which deals with malicious programs executed on the system.
This time around, however, Defender's performance has dropped by what might be considered a fairly significant amount. While last time Defender managed to block 99.8% of the malicious test cases, this time the blocking percentage dropped to 99.2%, despite the number of test cases being lower this time. In case you’re wondering, the February-March report had 520 test cases, while this time there are 254. The number of false positives is down to one from two last time, though percentage-wise it’s probably similar due to the lower number of samples.
The number of test cases decreased for several main reasons, as explained by AV-Comparatives:
During the year we evaluate several tens of thousands of malicious URLs. Unfortunately, many of them have to be disposed of for various reasons. We remove duplicates such as the same malware hosted on different domains or different IP addresses, sites that have already been scanned, “grey” or non-malicious sites/files and malware/sites that disappear during scanning. Many malicious URLs carrying an exploit failed to compromise the selected system/applications due to the patch level. This means that the vulnerabilities in third-party applications on the system have already been patched and therefore the exploiters could not deliver their malicious payload.
Alongside Defender, software from other major vendors such as Kaspersky, McAfee, Bitdefender and ESET also performed worse than last time. Kaspersky's drop stands out in particular, as it had managed to block 100% of cases in the past with zero false positives.
The full results can be seen in the image below:
The real star of the show this time seems to be F-Secure, which blocked 100% of the threats, although it still had a very high number of false positives. The best of the lot were Avast and AVG, which are based on the same engine; both blocked 100% of the malware samples and had only a single false positive. You can read the full results on its page on the AV-Comparatives website.