Anti-malware assessment company AV-Comparatives recently released its latest report comparing various popular anti-virus solutions on the market. The evaluation, called Real World Protection Test, was conducted between February and March 2023, and Microsoft Defender performed very well at that time. The test was conducted on a Windows 10 64-bit computer.

Real-world protection testing targets cyber threats, unlike the company's malware protection testing, which targets malware executing on a system.

However, this time, Defender's performance has regressed to a certain extent. Last time, Defender successfully blocked 99.8% of malicious test cases, while this time the blocking rate dropped to 99.2%, although the number of test cases this time was smaller. The report from February to March had 520 test cases, while this time there were only 254. The number of false positives dropped from two last time to one, but in percentage terms, because of the reduced number of samples, the false positive rate may be similar to last time.

As AV-Comparatives explains, there are several main reasons for the reduction in the number of test cases:

Over the course of a year, we evaluated tens of thousands of malicious URLs. Sadly, many of them had to be abandoned for various reasons. We remove duplicate malware, such as the same malware hosted on different domain names or IP addresses, sites that have already been tested, "grey" or non-malicious sites/files, and malware/sites that disappeared during testing. Many malicious URLs carrying vulnerabilities are unable to invade selected systems/applications due to patch levels. This means that the vulnerabilities of third-party applications in the system have been patched, so the exploit cannot send malicious payloads.

In addition to Defender, the results of software from other major vendors such as Kaspersky, McAfee, Bitdefender and ESET also declined compared to last time. Among them, Kaspersky's performance is particularly bad, because it has often blocked 100% of cases with a zero false positive rate.

See the picture below for complete results:

AV-Comparatives July-August 2023 Cyber Threat Test Results

The real star this time seemed to be F-Secure, which blocked 100% of all threats, but still had a high false positive rate. The best of them all are Avast and AVG, which are both based on the same engine and blocked 100% of malware samples with only one false positive.

You can read the full results on this page of the AV-Comparatives website:

https://www.av-comparatives.org/tests/real-world-protection-test-july-august-2023-factsheet/