However, Microsoft highlights that while its software lagged behind slightly in performance and false positive rates, it protected users 100% of the time. A new paper examines the results of the German AV-Tests and makes some interesting points.
The main takeaway is that Windows Defender is still enough to protect users and that it's getting better every year. The results show that it maintained a perfect protection score while improving in other areas. Usability went from 4.5 to 5.5, and performance from 5 to 5.5.
Though the application had a lower performance score, it's important to consider the specific area it applies to. The low score was primarily during the installation of frequently used programs. This task is nowhere near as prevalent as saying, web browsing, launching software, or copying files, especially in business. It says this is necessary due to the various parts of the OS installation touches.
In terms of false positives, Microsoft says testing methodology can have an impact. Windows Defender considers things like file name, the method it's obtained, and its file attributes. Essentially, they don't always transfer to real-world scenarios.
Windows Defender Advanced Threat Protection
However, the biggest issue Microsoft seems to take with the test is the variant of Windows Defender it used. AV-Test examined the regular anti-virus instead of Advanced Threat Protection, which is designed for enterprises.
Though Windows Defender scored 100% on the tests, it did miss two samples. Defender ATP makes up for this, and would likely show improvements in other areas, too. The fact AV-Test uses Business versions of other solutions but not Microsoft's full offering is a little unfair.
At the end of the day, though, this a heavily biased paper. It's there to save face and downplay the negatives. There are some solid points, but its hard to avoid the fact it performed worse than its competitors.
The bigger draw that isn't mentioned is compatibility. Over the past few months, we've seen various issues from third-party AVs that don't gel well with recent Windows patches or feature updates. Conversely, Microsoft knows the exact changes in advance and can adapt to them quickly. For some, that may be worth more than the slight improvements.
You can read the full report here.