Once upon a time, an antivirus program would be the one of the first pieces of software you would install on a new Windows PC. Now, that’s much less common. Many users instead now rely on the Windows Security tool that’s built into Microsoft’s operating system to keep them protected against viruses and malware. And yet, there are still plenty of antivirus and anti-malware security solutions for Windows. So should you be installing one of these packages? The answer, as you might expect, is that it depends. We won't take you through the entire history of Microsoft Windows and its security features, but it's helpful to go back to September 2009: This was when a new program called Microsoft Security Essentials got added to the operating system. In the years since, that program has evolved and changed to become the Windows Security application you'll find preinstalled on your system today. To find it, open the Start menu and look for “windows security.” You'll see all the various components that make up the program on the Home tab, and they’re all things that used to be handled by third-party programs: virus and malware threat protection, a firewall for locking down the network, and browser controls for stopping potentially dangerous downloads, for example. The Windows Security suite is designed to be as low-maintenance as possible, and most users aren't going to need to do anything with it—it'll simply run quietly in the background, watching out for viruses and other threats. Scans of the system and downloads of the latest virus definitions are handled automatically without any user input, though you can run scans manually (via Virus & threat protection). Open up the Device security tab and you're able to see some of the other built-in protections in Windows, which will depend in part on the hardware components in your PC. The safeguards you'll see here, such as the trusted platform module, prevent malware from interfering with core Windows functions and running software that hasn't been authorized. So you've got Windows Security on your system, and you should also have a modern, up-to-date web browser installed. Browsers like Google Chrome and Apple's Safari come with a whole host of security protections to identify dodgy websites, protect you from nasty downloads, and block bad code from running in your browser. These safeguards built into modern browsers provide another important layer of protection. Don't underestimate the value of updates for your browser and for Windows itself either. A significant number of malware packages exploit older software, which is why Microsoft and the browser makers are continually issuing updates to plug holes and patch up vulnerabilities. If you're running the latest version of Windows and the latest version of your browser, that's another line of defense. Antivirus software typically adds several elements to the mix, though it varies between packages: You might get a VPN included, for example, as well as parental controls, a password manager, and some secure cloud storage for your files. There are also often monitoring tools to look out for data hacks and leaks that might include your personal information (from credit card numbers to login details). Dedicated antivirus programs will often be more proactive than Windows' own solution, scanning incoming data as it arrives on the network and looking out for connected devices—like smart home gadgets—that may not have comprehensive privacy and security protections of their own. As the built-in Windows antivirus tool has improved, these third-party options have evolved to offer more and more functionality. There's no simple yes or no answer as to whether you need an antivirus program on Windows. It's your choice, and if you want to go without one, then you do so at your own risk. The products offered by the big names in the business like Bitdefender and Norton are certainly effective and reliable when it comes to keeping malicious code away from your Windows system. At the same time, an up-to-date version of Windows, plus Windows Security, plus a current web browser, is a pretty robust setup for most users—and one that a lot of viruses and other malware are going to struggle to get through. Your online activities affect your level of safety too: Spend a lot of time watching and downloading pirated content, for example, and your risk level goes up. It's a bit like driving in some ways. Observe the speed limits, keep your eyes on the road, follow the signs, stick to the parts of town you're most familiar with, and you're going to stay out of trouble most of the time—but you're going to be even safer in an armored car and with a police escort. It's worth noting that neither setup is 100 percent guaranteed to keep you safe all of the time. Also, it's ironic, but sometimes installing an antivirus program comes with its own security risks. For more please visit OUR FORUM.

Unsurprisingly, with little more than a year to run before Windows 10’s unpopular end-of-life becomes reality, speculation continues to mount as to whether Microsoft will relent and extend support or remove the hardware hurdles preventing millions from upgrading. But here’s the bad news if you have such hopes—Microsoft has just issued a little-noticed, dressed-up warning for the 70% yet to upgrade. This comes by way of an innocuous post from Microsoft’s Digital Inside Track blog, “which tells the story of how Microsoft uses its own technology.” This particular post trumpets Microsoft’s own upgrade to Windows 11, which “makes secure-by-default viable thanks to a combination of modern hardware and software. This ready out-of-the-box protection enables us to create a new baseline internally across Microsoft, one that level sets our enterprise to be more secure for a hybrid workplace.” The post was published just ahead of the most recent Patch Tuesday—which revealed yet more zero-days for Windows users to contend with, and includes a timely comment from David Weston, the company’s vice president of Enterprise and OS Security: “We’ve made significant strides to create chip-to-cloud Zero Trust out of the box. Windows 11 is redesigned for hybrid work and security with built-in hardware-based isolation, proven encryption, and our strongest protection against malware.” If there was any doubt that this is an unapologetic trumpeting of the new hardware hurdle, the post’s headline alone should be confirmation enough: “Hardware-backed Windows 11 empowers Microsoft with secure-by-default baseline,” with the article reinforcing that “this new baseline for protection is one of several reasons Microsoft upgraded to Windows 11… The new hardware-backed security features create the foundation for new protections. This empowers us to not only protect our enterprise but also our customers.” Putting aside the non-starter of Microsoft not upgrading. The hardware hurdle is TPM—the PC’s Trusted Platform Module, of course, with Windows 11 mandating TPM 2.0, “a critical building block for protecting user identities and data,” Weston says. “For many enterprises, including Microsoft, TPM facilitates Zero Trust security by measuring the health of a device using hardware that is resilient to tampering common with software-only solutions.” And then the final clincher. “The hardware-backed features of Windows 11 create additional interference against malware, ransomware, and more sophisticated hardware-based attacks… By enforcing a hardware requirement, we can now do more than ever to keep our users, products, and customers safe.” This is all another way of saying that with Windows 10 you get the opposite. Less secure from all those threats. And in the current environment, Microsoft’s warning is one you simply cannot ignore. The post was published just a few weeks after Microsoft shut down the well-publicized “/product server” workaround, which I commented at the time was a clear signal that hurdles were not about to be relaxed. And while the internet has been abuzz in recent weeks with articles on the workarounds that remain, one can assume that where those can also be shut down, they very likely well be at some point. All of which highlights the real challenge for the 70% of Windows users yet to make the leap to Windows 11—replacing expensive hardware with no secondary market to push old hardware into. Canalys calculates that this hyper-scale refresh would result in “roughly a fifth of devices becom[ing] e-waste due to incompatibility with the Windows 11 OS. This equates to 240 million PCs. If these were all folded laptops, stacked one on top of another, they would make a pile 600km taller than the moon.” To learn more visit OUR FORUM.