Do You Still Need Antivirus?

As New Technologies In Windows And Android Help Ward Off Online Threats, Nik Rawlinson Asks If Standalone Protection Is Still Necessary.

Everybody Needs Antivirus Software

That’s the message that’s been drilled into us for decades. And thanks to the odd high-profile incident – such as 2017’s WannaCry ransomware attack – most of us recognise that the risk is real, and take steps to protect our PCs.

But is it still necessary to keep paying for protection? Today, the vast majority of security breaches rely on out-of-date vulnerabilities in Windows, for which patches have been released. The best thing you can do to protect your online security is to ensure that Windows Update runs regularly.

That’s why, in Windows 10, the feature can’t be disabled. On top of that, Windows 10 contains an impressive set of built-in security functions – effectively there’s an entire security suite running under the bonnet – with new capabilities in the Fall Creators Update.

Microsoft claims that all of this make it the most secure Windows ever. So do you still need antivirus software?

The Windows Security Centre

Windows 10’s security features are all accessed through the Windows Defender Security Centre. You’ll find its distinctive shield-shaped icon in the notification area, though you’ll probably need to click the up-pointing chevron to show it. Right-click the icon and select Open – you’ll see that the Security Centre is organised into logical sections, where you can look at different aspects of your security.

The antivirus section speaks for itself. Many people will stick with the free Windows Defender Antivirus, but if you’ve installed something else then the Security Centre will work with that instead. Click “View antivirus providers” and you’ll see which third-party tools have been detected.

When a standalone security product is detected, Windows automatically switches off its own built-in antivirus engine – but there’s nothing stopping you from turning it back on again. To avoid a confict, Defender Antivirus won’t carry out real-time scans while there’s another antivirus tool running, but it will still perform periodic check-ups. To enable this, switch back to Security Centre and click “Virus and threat protection”.

Expand the Windows Defender Antivirus options section and click the slider to enable Windows’ builtin protection.

Controlles Folder Access 

Historically, Defender Antivirus has been a simple signature-based scanner that inspects the files on your system for known types of malware. In the Fall Creators Update, it also gained the ability to keep an eye on specific folders, and steps in if an unauthorised app tries to make changes to their contents.

Controlles Folder Access 

So, even if a piece of ransomware slips through the net, Defender Antivirus should prevent it from locking up your i les.

Be warned, though – this feature might not be switched on by default.

To enable it, click through “Virus & threat protection” to “Virus & threat protection settings”. Scroll down and toggle a switch to enable “Controlled folder access”. Once you’ve enabled it, your documents, photos, videos, favourites and desktop folders are protected. To add another folder, such as a synced Dropbox folder, click “Protected folders” and use the “+” to locate and add new folders.

When controlled folder access is enabled, Microsoft automatically allows a range of known applications to access your folders; if it erroneously blocks something you need to use, add the application to your whitelist. Click “Allow an app through controlled folder access” and select the app from the Explorer window.

Before you start celebrating, though, be warned that there’s one limitation. Controlled folder access relies on Windows’ continuous protection feature, so Defender Antivirus has to be running in the background for it to work.

That means you can’t use it in combination with third-party virus protection – although nowadays many security suites include their own anti-ransomware measures.

If you’re managing multiple machines, you can also configure controlled folder access using the Group Policy Editor. To find it, click through to Computer Configuration | Administrative Templates | Windows Components | Windows Defender Antivirus |

Windows Defender Exploit Guard

Controlled Folder Access. Then, to enable the feature, open the “Configure Controlled folder access policy”, select the Enabled radio button and set the “Configure the guard my folders feature” to Block.

You’ll notice that there’s also an Audit option, alongside Block and Disable. This lets applications make changes freely, but records what they’ve done in the Windows event log. This probably isn’t appropriate for your work PC, but it could be a useful diagnostic tool, allowing you to see exactly what a suspect package does on a safely quarantined machine.

Enabling “Controlled Folder Access via Group Policy Editor” only protects the default locations. To add supplementary folders, step back to the Controlled Folder Access branch and edit the settings accessed via “Configure protected folders”.

Windows Firewall

The Windows Firewall was originally introduced back in 2003, in direct response to a devastating worldwide attack from a pair of worms known as Blaster and Sasser.

Since then, this type of attack has been all but eliminated, and there’s good reason to question if a third-party firewall is necessary.

Indeed, many security suites have ditched their own-brand firewalls; when you do see one advertised, the claimed benefit usually relates to user-friendliness rather than effectiveness.

Happily, you won’t normally need to configure the Windows firewall, as it comes preconfigured to offer a balance of security and convenience.

Still, if you know what you’re doing you can tweak the settings manually: just click on “Firewall & network protection” in the Security Centre to access its settings. By default, the firewall groups connections into three types, with different security settings that apply to domain networks (such as the network at your workplace), private networks (a home or office network where you know and trust the other devices on the same connection) and public networks (such as a Wi-Fi hotspot in a café or hotel).

Share this post