Robert O’Callahan, a former top Mozilla engineer, has criticized third-party antivirus vendors in a blog post. He urges people running Windows 8.1 or Windows 10 to ditch any antivirus that isn’t Microsoft’s own Windows Defender, and to uninstall it if they already have one installed.
The bottom line is, Windows Defender is all you need to protect your Windows system.
Here are the reasons he laid out.
There is negligible evidence that major non-MS AV products give a net improvement in security. Many bugs listed in Google’s Project Zero indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices.
As reported by Forbes, two security researchers were able to catch 223 bugs across 11 TrendMicro products, 194 of which can be exploited remotely and all of which can be triggered without user interaction. While TrendMicro was quick to fix the bugs, it did raise the question of why the company hadn’t found them during an audit.
Symantec was in the same situation when zero-day flaws were discovered in over twenty of its products. AVG also found itself in hot water over its privacy policy, which gave the company the ability to sell the browser and search history of its users to third parties.
AV products poison the software ecosystem because their invasive and poorly-implemented code makes it difficult for browser vendors and other developers to improve their own security.
He pointed out an example from the days when he still worked at Mozilla. Several times AV software blocked Firefox updates, making it impossible for users to receive critical security fixes. As a result, developers had to spend tons of time dealing with this AV-induced breakage.
Mr. O’Callahan also made the point that it’s hard to get software vendors to speak out about problems like the blocked Firefox updates, because they need the cooperation of the AV vendors to prevent them from bad-mouthing their product.
AV software is broadly installed and when it breaks your product, you need the cooperation of AV vendors to fix it. (You can’t tell users to turn off AV software because if anything bad were to happen that the AV software might have prevented, you’ll catch the blame.) When your product crashes on startup due to AV interference, users blame your product, not AV. Worse still, if they make your product incredibly slow and bloated, users just think that’s how your product is.
I couldn’t agree more.
For Windows 7 and below, O’Callahan did soften his tone a bit about AV software and suggested that third-party AV software might make you slightly less doomed.
Source: Robert O’Callahan via Neowin
/Update on Feb. 1, 2017/
Some Google engineers also weighed in with the same comments, complimenting Microsoft Defender as the only well-behaved AV software.
Browser makers don't complain about Microsoft Defender because we have tons of empirical data showing that it's the only well behaved AV. https://t.co/ClGwEWCoWu
— Justin Schuh (@justinschuh) January 31, 2017
Schuh, who has called AV his “single biggest impediment to shipping a secure browser,” also noted that he wasn’t talking about Defender:
That's fair. Defender is the only one I know of that hasn't broken Chrome's security mechanisms. /CC @taviso
— Justin Schuh (@justinschuh) January 31, 2017
Well, Microsoft Defender, previously called Microsoft Security Essentials, has come a long way.