One of the end-user oriented features revealed in yesterday’s BUILD keynote that I’m particularly excited about is the expansion of Windows Defender capabilities. Microsoft has had the limited Defender anti-malware capability built into Windows since Vista. Defender, although it uses the same anti-Malware engine as Microsoft Security Essentials (MSE), is primarily targeted at preventing Spyware and contains just a small fraction of MSE’s anti-malware signatures (and monitors fewer Windows pathways than MSE). This was an idea left over from a decade ago when Anti-Virus and Anti-Spyware were considered two different problem spaces and users had to purchase two different solutions. Microsoft purchased the Giant Anti-Spyware product and made it available to users, later releasing an equivalent capability set as Windows Defender. Users still had to install an anti-Virus product if they wanted protection from more than Spyware. Over the years both Anti-Virus and Anti-Spyware were subsumed into integrated Anti-Malware products, but Windows Defender stayed targeted at its original Anti-Spyware mission. Since all Anti-Malware products now contain anti-Spyware capabilities, and with threats now focused largely outside of its original scope, Windows Defender had become superfluous. Microsoft essentially had two choices: remove Windows Defender entirely, or bring it into the current age and move it from being just an anti-Spyware feature to being a more complete Anti-Malware offering. With Windows 8 Microsoft is taking the Anti-Malware route with Windows Defender. This means every Windows 8 system will have excellent basic Anti-Malware capability out of the box. Finally!
How will Windows 8 Defender change the Anti-Malware landscape? Well, along with other Windows 8 security changes, it makes it much harder for the bad guys to attack the Windows system universe. If you look at the numbers, each release of Windows (since XP SP2) has been less subject to Malware than its predecessor. One of the biggest issues remaining is that a very large percentage (I don’t recall the number, but perhaps half) of PCs do not run Anti-Malware software (or have let their subscription lapse so that they don’t get updates). Windows 8 mostly eliminates that situation. Not only does this leave Windows systems better protected, it may actually shrink the opportunity for malware authors to profit from their work so substantially that they turn their focus elsewhere (Mac, Android, Linux, etc.). This has already started to happen with Windows 7; Windows 8 should dramatically accelerate the trend.
For Anti-Malware product vendors I don’t think that Windows 8 Defender really impacts their strategies. They will continue to appeal to consumers by providing what they position as premium capabilities compared to Windows Defender (or MSE). And they will still primarily make their way onto systems by paying OEMs to pre-install trial versions. They’ll continue to tweak their products to make them more attractive for certain types of users. For example, I’d love to see an offering that lets me include the security status of my mother’s PC (2000 miles away) and alerts me when her system has a security issue. That might be enough to get me to install a paid product on not just her PC, but every PC in my household.
So welcome to the world of fully built-in anti-Malware with Windows 8.