Windows Defender Explained

Hi, I’m Mike Chan, a product manager for Windows Vista. I wanted to let everyone know about a great feature that is included in Windows Vista. The threat of malicious software is still a problem that many customers face today, and Microsoft has been making progress against these threats over the past few years with a combination of guidance, industry partnership and security technologies.

One of our latest technologies to combat malicious and unwanted software is Windows Defender (WD), which helps prevent poor performance and unwanted pop-up ads that can be caused by spyware. Windows Defender also helps keep private information out of the hands of spyware and other potentially unwanted software. Using Windows Defender is easy, with single-click access to features such as a quick scan. Windows Defender also works in the background to protect you against software that attempts to install onto your machine without proper consent or notification.

One of the little-known facts about Windows Defender is that it is now implemented as a system service, so it provides protection for all users and utilizes User Account Control (UAC) (https://www.microsoft.com/windowsvista/uac) to take any actions that need administrator privileges. The UI runs under the user context, but all scanning and cleaning activities are accomplished by the service.

Furthermore, there is integration with IE (https://www.microsoft.com/windows/ie/ie7/default.mspx) so that files are scanned as they are downloaded, to help ensure that you do not accidentally download malicious software. This is accomplished using the IOfficeAntiVirus API (https://windowssdk.msdn.microsoft.com/library/default.asp?url=/workshop/security/antivirus/reference/ifaces/iofficeantivirus/scan.asp). Note that the API is used for any file scanning, not just for Office or AntiVirus. Also, Windows Defender is not a replacement for AntiVirus, and Microsoft always recommends that customers deploy a full AV product.

Also, Microsoft is committed to providing our customers with free ongoing definition updates so you don’t ever have to worry about your protection expiring. The added security that Windows Defender provides lets you get back to using your computer without unneeded interruptions. For more information, visit https://www.microsoft.com/windowsdefender and remember to check out the Microsoft anti-malware blog (https://blogs.technet.com/antimalware).

Comments

  • Anonymous
    April 21, 2006
    Nice.
  • Anonymous
    April 22, 2006
    Thanks Mike
  • Anonymous
    April 23, 2006
    Nice! Great to see a blog specially for Windows Vista.
  • Anonymous
    April 24, 2006
    The comment has been removed
  • Anonymous
    April 24, 2006
    I’d like to respond to Luca’s comment about the relevance of Windows Defender on Vista. We have made many improvements to security including UAC (new name for UAP), IE7+protected mode and better kernel isolation, but Windows Defender is still very much a needed part of Windows Vista. The reason is that it turns out much malicious software today installs on a machine due to social engineering instead of vulnerability exploits. Also, there can be unwanted software that also runs happily as a user context (they still have access to all your user information and adware can run under the user context as well). Therefore, in order to help protect the users' information, as well as help the customer be more safe by alerting them to potentially unwanted software before they install it, Windows Defender is still very relevant on Windows Vista and in fact works better on Vista as we have integration with both UAC and IE7.

    Mike Chan [MSFT]
  • Anonymous
    April 26, 2006
    The comment has been removed
  • Anonymous
    May 18, 2006
    I hope there is a way to disable & uninstall all these user-protection systems in your new operating system?

  • Anonymous
    May 19, 2006
    Alex, Mike Chan here – the product manager for Windows Defender. There is indeed a way to disable Windows Defender as well as many of the other user protection technologies that come with Vista. If you have alternative anti-spyware products, or your own favorite personal firewall, you can disable the respective technology in Windows Vista. Our first goal is the security of our customers, so as long as you have protection that you trust, feel free to use it!
  • Anonymous
    May 21, 2006
    Do you know if Windows Vista will have a code injection protection? A warning if a process is injecting some code into another process.
  • Anonymous
    June 02, 2006
    The comment has been removed
  • Anonymous
    June 03, 2006
    The comment has been removed
  • Anonymous
    June 07, 2006
    Hi Eric S:  IE7 is the answer – the reason why Windows Defender no longer includes "Tracks Eraser" is because much of its functionality will be duplicated with IE7, so download and use the IE7 beta and you will see the privacy "eraser" buttons there.

  • Anonymous
    June 08, 2006
    Thank you much for that comment.  I also found a site that offered much insight into my problem.  And after researching further myself, there is a lot of truth to the information and my issue has been resolved with their product.

    http://www.purgeie.com/errcache.htm

    Thanks again!
  • Anonymous
    June 14, 2006

    I am also disappointed with the omission of "tracks eraser" from the Beta 2 of Windows Defender, and I do not agree with Winblog that IE7 is the answer.

    Tracks eraser went further than only cleaning out IE. With one click of the button, recent file lists and temp files of windows, office, WMP, etc. were also cleaned (I remember I checked 17 items to be cleaned). This was very useful to keep a computer free from garbage, and to protect privacy on shared computers.

    Can you explain why it was removed, and what you propose as alternative?

    Thanx.
  • Anonymous
    July 04, 2006
    Mike, Windows Defender is all very nice and all. But I need to please know what AntiVirus program I can run with Vista build 5456. Norton will not install. I had to turn off UAC because it's annoying. The pop-ups were driving me bananas. No one, and I mean no one will want UAC active after spending an hour with it. I guarantee it. Again, if anyone has a clue which antivirus, if any, will work smoothly, please let me know.
  • Anonymous
    July 05, 2006
    Hi Jon – We are working with our AV partners to ensure that customers have the best protection available to them on the Windows Vista platform.  This page http://www.microsoft.com/athome/security/viruses/wsc/en-us/windowsvistabeta2.mspx will be updated as more partners support the Windows Vista platform.  Currently, Trend Micro has a trial subscription that will work on Windows Vista Beta 2.

    Thanks,

    Mike Chan
    Windows Vista Security