Windows Defender was recently boosted by an industry-respected AV Test report that gave it a perfect rating alongside F-Secure Safe 17 and Norton Security 22 for home antivirus protection. The differentiator is that Windows Defender is a free solution that comes installed as part of Windows 10. This was excellent news for both Microsoft, which has been working hard to make Defender a top-notch security offering, and users, who can get the best protection out there without splashing the cash. Until, that is, Microsoft went and broke it with an update.
How did Microsoft break Windows Defender?
To resolve a coding flaw in the Windows System File Checker (SFC) that caused an error when checking for system files that needed repair, Microsoft released an update to Windows Defender on September 16. That fix, Windows Defender version 4.18.1908.7, unfortunately introduced another, just as serious, scanning problem: both quick and full scans stopped working after inspecting only a handful of files.
I confirmed this myself by running a full Windows Defender scan which, instead of taking up to an hour to complete, took a few seconds and reported it had only scanned ten files.
A Microsoft spokesperson confirmed the issue and said: “Only manual or scheduled scans conducted by administrators were temporarily impacted and we are working to resolve it.”
This issue is very concerning from a security perspective: users need to have trust in the security solution they are using, and updates that break things also break this trust, or at least erode it. However, it should be pointed out that the real-time scanning of endpoints wasn’t impacted by the update, and users could still use the custom scanning feature, which continued to work as intended.
What should you do now?
The good news is that Microsoft has already confirmed it has fixed the problem, almost as quickly as it created it, with another update. The fix can be found in a security intelligence update for Windows Defender antivirus. This should automatically update your Windows Defender definitions and resolve the scanning issue. To be sure, however, it is recommended that you check for updates in the Windows Security Virus & Threat Protection screen to trigger a download of the latest version.
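For administrators who would rather verify this from a console than from the Windows Security screen, the following PowerShell sketch is an added example, not code from Microsoft or from this article. It uses the built-in Defender cmdlets to check for the affected platform version named above, pull the latest security intelligence, and run a quick scan whose duration it then inspects. The 60-second threshold, the helper function and the variable names are assumptions chosen for illustration.

```powershell
# Added example. Run from an elevated PowerShell prompt on Windows 10.
# Assumptions (not from the article): the 60-second threshold, the helper
# function Get-ScanDuration and all variable names.
$AffectedPlatform = '4.18.1908.7'                 # build the article reports as broken
$MinPlausibleScan = [TimeSpan]::FromSeconds(60)   # assumed cut-off for a "too short" scan

function Get-ScanDuration($Start, $End) {
    # Returns $null when no completed scan of that type is recorded.
    if ($Start -and $End -and $End -ge $Start) { return $End - $Start }
    return $null
}

# Report the installed platform and security intelligence versions.
$status = Get-MpComputerStatus
[pscustomobject]@{
    PlatformVersion   = $status.AMProductVersion
    SignatureVersion  = $status.AntivirusSignatureVersion
    SignaturesUpdated = $status.AntivirusSignatureLastUpdated
    RealTimeEnabled   = $status.RealTimeProtectionEnabled
} | Format-List

if ($status.AMProductVersion -eq $AffectedPlatform) {
    Write-Warning "Platform $AffectedPlatform is installed (the build reported to end scans early)."
}

# Same effect as "Check for updates" under Virus & threat protection.
Update-MpSignature

# Start-MpScan blocks until the scan finishes, so the timestamps read
# afterwards belong to this run.
Start-MpScan -ScanType QuickScan
$after    = Get-MpComputerStatus
$duration = Get-ScanDuration $after.QuickScanStartTime $after.QuickScanEndTime

if ($null -eq $duration) {
    Write-Warning 'No completed quick scan is recorded on this machine.'
} elseif ($duration -lt $MinPlausibleScan) {
    Write-Warning ("Quick scan finished in {0:N0}s, which matches the early-exit symptom." -f $duration.TotalSeconds)
} else {
    Write-Output ("Quick scan ran for {0:N0}s." -f $duration.TotalSeconds)
}
```

A short scan on its own is not proof of the bug, since a small or freshly installed system can legitimately finish quickly; treat the warning as a prompt to confirm that the update has been applied.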
What you shouldn’t do now
It’s essential to keep things in perspective here, which means not jumping to a knee-jerk conclusion that Windows Updates are all bad and should, therefore, be ignored where at all possible. Certainly when it comes to the security side of the updates fence, and that’s where I firmly stand, not updating is poor logic. Security updates do make your systems more secure, and even though they do go wrong now and then, the vast majority are seamless improvements to the security posture of your machine. By not updating you are leaving yourself open to a much higher risk of something going seriously wrong, such as a breach or other compromise, than updating exposes you to.
Perhaps I should have added a “What Microsoft should do now” heading, with the advice that it needs to get on top of these update issues before user trust in them is diminished to the point of no return. I appreciate it’s a challenging and complicated process, but an organization the size of Microsoft with all those years of experience really should do better.