- Download free virus protection for Windows PC. Avast offers modern antivirus for today’s complex threats. Fast, simple, and 100% free.
- This type of antivirus protection is beneficial because it works in tandem with other antivirus applications to provide multiple layers of protection. One example of machine learning is the design of Microsoft’s latest antivirus software, which can gather data from more than 400 million computers running on Windows 10 to discover new malware.
Feb. 22, 2019
Antivirus software helps protect your computer against malware and cybercriminals. Antivirus software looks at data — web pages, files, software, applications — traveling over the network to your devices. It searches for known threats and monitors the behavior of all programs, flagging suspicious behavior. It seeks to block or remove malware as quickly as possible.
ESET's antivirus software is used by more than 110 million users in more than 200 countries around the world, but it has achieved only limited market penetration in the U.S. ESET is a private. Immunet® is a malware and antivirus protection system that utilizes cloud computing to provide enhanced community-based security. Join the Immunet Community today and help make the internet safer for everyone. Free Antivirus for Mac While Apple devices are generally less susceptible to hackers, malicious websites and unsecured networks still pose serious threats to your device and privacy. That’s why McAfee Total Protection provides Mac-specific antivirus and anti-malware capabilities.
Antivirus protection is essential, given the array of constantly-emerging cyberthreats. If you don’t have protective software installed, you could be at risk of picking up a virus or being targeted by other malicious software that can remain undetected and wreak havoc on your computer and mobile devices.
If you already have antivirus software, you may believe you’re all set. But it might not be that simple. With new and savvier cyberthreats and viruses surfacing, it’s important to stay current with the latest in antivirus protection.
If there’s any crack in your cybersecurity defenses, cybercriminals likely will try to find a way in. Ensuring your antivirus software is up and running, and up-to-date, is a good place to start. However, hackers, scammers, and identity thieves are constantly tweaking their methods, so it’s a good idea to get protection from a comprehensive security solution.
What is antivirus software designed to do?
What exactly is antivirus software designed to do? We’re talking about a program or umbrella of programs whose purpose is to scan for and eradicate computer viruses and other malicious software, also known as malware. Antivirus software is a vital component of your overall online and computer security strategy in its protection against data and security breaches along with other threats.
When looked at simply, a computer virus is similar to a cold virus. It’s designed to go from one computer or device to the next, copying itself, and spreading malicious codes and programs that can damage and infiltrate your operating systems. Viruses are designed to give criminals access to their victims’ devices.
These viruses, spyware, and other malicious software are known as malware, and can be surreptitiously installed on your computer or device. Malware can do everything from crashing your device to monitoring or controlling your online activity. This control may enable hackers to send spam and steal your private information, which could eventually lead to identity theft.
Antivirus software provides protection against these types of threats by performing key tasks:
- Pinpointing specific files for the detection of malicious software
- Scheduling automatic scans
- Scanning either one file or your entire computer at your discretion
- Deleting malicious codes and software
- Confirming the safety of your computer and other devices
As cybercrime evolves and becomes more sophisticated, whether it’s your own PC or other devices on a larger network, you don’t want to leave yourself or your network vulnerable. If you don’t have security software, you could be opening the door for cybercriminals to gain access to your most sensitive information — and potentially garner control over your computer and mobile devices.
What are the different types of antivirus protection?
Several types of antivirus programs have evolved over the years. When setting up your umbrella of protection, it’s important to understand the more common antivirus programs available.
Malware signature antivirus
Malware, or malicious software, installs viruses and spyware on your computer or device without your knowledge. Malware can steal your login information, use your computer to send spam, crash your computer system, and essentially give cybercriminals access to your devices and the information stored on them, and even the ability to monitor and control your online activity.
Malware signature antivirus software detects malware signatures, which are digital fingerprints of malicious software. Antivirus protection can scan for specific malicious codes, identify specific viruses, and disable these programs.
While malware signature antivirus protection is key for detecting and eradicating known viruses, one limitation is its inability to address new viruses. The antivirus product simply doesn’t contain these new virus signatures.
System monitoring antivirus
This is where system monitoring antivirus software comes into play. This antivirus protection can monitor software and computer systems for behavior that is suspect or atypical of the user.
For instance, alerts are created when a user connects to unfamiliar sites or attempts to access a large number of files, or when there’s a significant increase in data usage.
Machine learning antivirus
Another form of protection can be machine learning techniques, which monitor “normal” computer or network behaviors. The machine learning antivirus software is able to limit activities by programs or computers if they look suspicious.
More specifically, machine learning detection implements algorithms to facilitate malware detection that is broader in scope. This type of antivirus protection is beneficial because it works in tandem with other antivirus applications to provide multiple layers of protection.
One example of machine learning is the design of Microsoft’s latest antivirus software, which can gather data from more than 400 million computers running on Windows 10 to discover new malware. (Note: To be clear, this is diagnostic data that a consumer can opt out of reporting.) This, in turn, takes us back to the importance of signatures, as this intelligence will allow for the development of new signatures for the latest malware discovered. This automation is key in its ability to stay on top of the latest viruses.
What does antivirus software help protect us from?
The beauty of malware for hackers is its ability to gain access to or damage a computer without our knowledge. It’s important to be aware of the many different types of malicious codes, or “malware,” against which antivirus software is designed to protect:
- Spyware: stealing sensitive information
- Ransomware: extorting money
- Viruses
- Worms: spreading copies between computers
- Trojans: promising one thing but delivering another
- Adware: advertising
- Spam: spreading unwanted email
Isn’t Windows Defender enough?
Starting with Windows 8, Windows has built-in antivirus protection known as Windows Defender that is enabled by default. But is it enough? The answer is “maybe” in that its efficacy isn’t certain due to its reliance on several moving parts.
For instance, Windows Defender is a good defense against traditional viruses. But it may not detect threats beyond regular viruses, and may not protect your devices against more sophisticated infiltrations such as ransomware. So its effectiveness also depends on how careful you are as an individual. Are you going to click on that link or email attachment from an unknown sender or website? In order to be safe, you likely need an added layer of protection.
Do I need antivirus protection for Mac?
While Macs and other Apple devices may not be as frequently targeted as Windows computers, it’s still a good idea to get additional antivirus protection to be ready for what may come in the future. At the moment, if you’re careful about what you open, don’t click on unknown links or attachments, and are careful in your online activity, you may be safe. But is it an unknown risk you’re willing to take? “Safe for now” may transition to “no longer safe.”
Free antivirus software: Does it work?
Another common question is whether free antivirus software protects us. But is anything ever really free? “Free” antivirus inevitably supports and makes money with advertising and tracking, and by installing junkware.
Free downloads also can hide malware. If you go this route, only download software from sites that you absolutely trust. You also must ensure that your security setting is set high enough to detect malicious codes.
Another thing to keep in mind when considering whether to rely on free antivirus protection? Identity theft protection, mobile security, and data security support options. These important security features often are lacking with free software.
Sign up for Norton 360 today
Considering all of the risks mentioned above, third-party antivirus protection can be critical. It can mean the theoretical difference between browsing online safely — with your financial and personally identifiable information (PII) safe inside your lockbox at home, and going shopping with your personal and financial information available for the taking.
Norton 360 features top-of-the-line defenses against these cyber threats, safeguards your PII and online transactions, and ensures emails and links come from trusted sources. Don’t leave your cybersecurity up to chance; sign up for the latest in antivirus protection.
It's smart to remember that antivirus software alone isn’t enough to protect against cyber threats. Cyber Safety also means protecting not only your devices, but also your identity and privacy.
Try Norton 360 FREE 30-Day Trial* - Includes Norton Secure VPN
30 days of FREE* comprehensive antivirus, device security and online privacy with Norton Secure VPN.
*Terms Apply
Editorial note: Our articles provide educational information for you. NortonLifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
Copyright © 2021 NortonLifeLock Inc. All rights reserved. NortonLifeLock, the NortonLifeLock Logo, the Checkmark Logo, Norton, LifeLock, and the LockMan Logo are trademarks or registered trademarks of NortonLifeLock Inc. or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Alexa and all related logos are trademarks of Amazon.com, Inc. or its affiliates. Microsoft and the Window logo are trademarks of Microsoft Corporation in the U.S. and other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.
-->Applies to:
- Microsoft Defender Antivirus
There are two types of updates related to keeping Microsoft Defender Antivirus up to date:
- Security intelligence updates
- Product updates
Important
Keeping Microsoft Defender Antivirus up to date is critical to assure your devices have the latest technology and features needed to protect against new malware and attack techniques.
Make sure to update your antivirus protection even if Microsoft Defender Antivirus is running in passive mode.
To see the most current engine, platform, and signature date, visit the Security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware.
Security intelligence updates
Microsoft Defender Antivirus uses cloud-delivered protection (also called the Microsoft Advanced Protection Service or MAPS) and periodically downloads security intelligence updates to provide protection.
Note
Updates are released under the below KB numbers:
Microsoft Defender Antivirus: KB2267602
System Center Endpoint Protection: KB2461484
Cloud-delivered protection is always on and requires an active connection to the Internet to function. Security intelligence updates occur on a scheduled cadence (configurable via policy). For more information, see Use Microsoft cloud-provided protection in Microsoft Defender Antivirus.
For a list of recent security intelligence updates, see Security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware.
Engine updates are included with security intelligence updates and are released on a monthly cadence.
Product updates
Microsoft Defender Antivirus requires monthly updates (KB4052623) (known as platform updates), and will receive major feature updates alongside Windows 10 releases.
You can manage the distribution of updates through one of the following methods:
- The usual method you use to deploy Microsoft and Windows updates to endpoints in your network.
For more information, see Manage the sources for Microsoft Defender Antivirus protection updates.
Note
Monthly updates are released in phases, resulting in multiple packages visible in your Window Server Update Services.
Monthly platform and engine versions
For information how to update or install the platform update, see Update for Windows Defender antimalware platform.
All our updates contain
- performance improvements;
- serviceability improvements; and
- integration improvements (Cloud, Microsoft 365 Defender).
Security intelligence update version: 1.335.36.0
Released: April 1, 2021
Platform: 4.19.2103.7
Engine: 1.1.18000.5
Support phase: Security and Critical Updates
What's new
- Improvement to the Behavior Monitoring engine
- Expanded network brute-force-attack mitigations
- Additional failed tampering attempt event generation when Tamper Protection is enabled
Known Issues
No known issues
Security intelligence update version: 1.333.7.0
Released: March 9, 2021
Platform: 4.19.2102.3
Engine: 1.1.17900.7
Support phase: Security and Critical Updates
What's new
- Improved service recovery through tamper protection
- Extend tamper protection scope
Known Issues
No known issues
Security intelligence update version: 1.327.1854.0
Released: February 2, 2021
Platform: 4.18.2101.9
Engine: 1.1.17800.5
Support phase: Security and Critical Updates
What's new
- Shellcode exploit detection improvements
- Increased visibility for credential stealing attempts
- Improvements in antitampering features in Microsoft Defender Antivirus services
- Improved support for ARM x64 emulation
- Fix: EDR Block notification remains in threat history after real-time protection performed initial detection
Known Issues
No known issues
Previous version updates: Technical upgrade support only
After a new package version is released, support for the previous two versions is reduced to technical support only. Versions older than that are listed in this section, and are provided for technical upgrade support only.
Security intelligence update version: 1.327.1854.0
Released: December 03, 2020
Platform: 4.18.2011.6
Engine: 1.1.17700.4
Support phase: Security and Critical Updates
What's new
- Improved SmartScreen status support logging
Known Issues
No known issues
Security intelligence update version: 1.327.7.0
Released: October 29, 2020
Platform: 4.18.2010.7
Engine: 1.1.17600.5
Support phase: Security and Critical Updates
What's new
- New descriptions for special threat categories
- Improved emulation capabilities
- Improved host address allow/block capabilities
- New option in Defender CSP to Ignore merging of local user exclusions
Known Issues
No known issues
Security intelligence update version: 1.325.10.0
Released: October 01, 2020
Platform: 4.18.2009.7
Engine: 1.1.17500.4
Support phase: Technical upgrade support (only)
What's new
- Admin permissions are required to restore files in quarantine
- XML formatted events are now supported
- CSP support for ignoring exclusion merges
- New management interfaces for:
- UDP Inspection
- Network Protection on Server 2019
- IP Address exclusions for Network Protection
- Improved visibility into TPM measurements
- Improved Office VBA module scanning
Known Issues
No known issues
Security intelligence update version: 1.323.9.0
Released: August 27, 2020
Platform: 4.18.2008.9
Engine: 1.1.17400.5
Support phase: Technical upgrade support (only)
What's new
- Add more telemetry events
- Improved scan event telemetry
- Improved behavior monitoring for memory scans
- Improved macro streams scanning
- Added
AMRunningModeto Get-MpComputerStatus PowerShell cmdlet - DisableAntiSpyware is ignored. Microsoft Defender Antivirus automatically turns itself off when it detects another antivirus program.
Known Issues
No known issues
Security intelligence update version: 1.321.30.0
Released: July 28, 2020
Platform: 4.18.2007.8
Engine: 1.1.17300.4
Support phase: Technical upgrade support (only)
What's new
- Improved telemetry for BITS
- Improved Authenticode code signing certificate validation
Known Issues
Antivirus Protection
No known issues
Security intelligence update version: 1.319.20.0
Released: June 22, 2020
Platform: 4.18.2006.10
Engine: 1.1.17200.2
Support phase: Technical upgrade support (only)
What's new
- Possibility to specify the location of the support logs
- Skipping aggressive catchup scan in Passive mode.
- Allow Defender to update on metered connections
- Fixed performance tuning when caching is disabled
- Fixed registry query
- Fixed scantime randomization in ADMX
Known Issues
No known issues
Security intelligence update version: 1.317.20.0
Released: May 26, 2020
Platform: 4.18.2005.4
Engine: 1.1.17100.2
Support phase: Technical upgrade support (only)
What's new
- Improved logging for scan events
- Improved user mode crash handling.
- Added event tracing for Tamper protection
- Fixed AMSI Sample submission
- Fixed AMSI Cloud blocking
- Fixed Security update install log
Known Issues
No known issues
Security intelligence update version: 1.315.12.0
Released: April 30, 2020
Platform: 4.18.2004.6
Engine: 1.1.17000.2
Support phase: Technical upgrade support (only)
What's new
- WDfilter improvements
- Add more actionable event data to attack surface reduction detection events
- Fixed version information in diagnostic data and WMI
- Fixed incorrect platform version in UI after platform update
- Dynamic URL intel for Fileless threat protection
- UEFI scan capability
- Extend logging for updates
Known Issues
Antivirus Software Free
No known issues
Security intelligence update version: 1.313.8.0
Released: March 24, 2020
Platform: 4.18.2003.8
Engine: 1.1.16900.4
Support phase: Technical upgrade support (only)
What's new
- CPU Throttling option added to MpCmdRun
- Improve diagnostic capability
- reduce Security intelligence timeout (5 min)
- Extend AMSI engine internal log capability
- Improve notification for process blocking
Known Issues
[Fixed] Microsoft Defender Antivirus is skipping files when running a scan.
Security intelligence update version: 1.311.4.0
Released: February 25, 2020
Platform/Client: -
Engine: 1.1.16800.2
Support phase: Technical upgrade support (only)
What's new
Known Issues
No known issues
Security intelligence update version: 1.309.32.0
Released: January 30, 2020
Platform/Client: 4.18.2001.10
Engine: 1.1.16700.2
Support phase: Technical upgrade support (only)
What's new
- Fixed BSOD on WS2016 with Exchange
- Support platform updates when TMP is redirected to network path
- Platform and engine versions are added to WDSI
- extend Emergency signature update to passive mode
- Fix 4.18.1911.3 hang
Known Issues
[Fixed] devices utilizing modern standby mode may experience a hang with the Windows Defender filter driver that results in a gap of protection. Affected machines appear to the customer as having not updated to the latest antimalware platform.
Important
This update is:
- needed by RS1 devices running lower version of the platform to support SHA2;
- has a reboot flag for systems that have hanging issues;
- is re-released in April 2020 and will not be superseded by newer updates to keep future availability;
- is categorized as an update due to the reboot requirement; and
- is only be offered with Windows Update.
Security intelligence update version: 1.307.13.0
Released: December 7, 2019
Platform: 4.18.1911.3
Engine: 1.1.17000.7
Support phase: No support
What's new
- Fixed MpCmdRun tracing level
- Fixed WDFilter version info
- Improve notifications (PUA)
- add MRT logs to support files
Known Issues
When this update is installed, the device needs the jump package 4.10.2001.10 to be able to update to the latest platform version.
Microsoft Defender Antivirus platform support
Platform and engine updates are provided on a monthly cadence. To be fully supported, keep current with the latest platform updates. Our support structure is dynamic, evolving into two phases depending on the availability of the latest platform version:
Security and Critical Updates servicing phase - When running the latest platform version, you will be eligible to receive both Security and Critical updates to the anti-malware platform.
Technical Support (Only) phase - After a new platform version is released, support for older versions (N-2) will reduce to technical support only. Platform versions older than N-2 will no longer be supported.*
* Technical support will continue to be provided for upgrades from the Windows 10 release version (see Platform version included with Windows 10 releases) to the latest platform version.
During the technical support (only) phase, commercially reasonable support incidents will be provided through Microsoft Customer Service & Support and Microsoft’s managed support offerings (such as Premier Support). If a support incident requires escalation to development for further guidance, requires a non-security update, or requires a security update, customers will be asked to upgrade to the latest platform version or an intermediate update (*).
Platform version included with Windows 10 releases
The below table provides the Microsoft Defender Antivirus platform and engine versions that are shipped with the latest Windows 10 releases:
| Windows 10 release | Platform version | Engine version | Support phase |
|---|---|---|---|
| 2004 (20H1/20H2) | 4.18.1909.6 | 1.1.17000.2 | Technical upgrade support (only) |
| 1909 (19H2) | 4.18.1902.5 | 1.1.16700.3 | Technical upgrade support (only) |
| 1903 (19H1) | 4.18.1902.5 | 1.1.15600.4 | Technical upgrade support (only) |
| 1809 (RS5) | 4.18.1807.18075 | 1.1.15000.2 | Technical upgrade support (only) |
| 1803 (RS4) | 4.13.17134.1 | 1.1.14600.4 | Technical upgrade support (only) |
| 1709 (RS3) | 4.12.16299.15 | 1.1.14104.0 | Technical upgrade support (only) |
| 1703 (RS2) | 4.11.15603.2 | 1.1.13504.0 | Technical upgrade support (only) |
| 1607 (RS1) | 4.10.14393.3683 | 1.1.12805.0 | Technical upgrade support (only) |
For Windows 10 release information, see the Windows lifecycle fact sheet.
Updates for Deployment Image Servicing and Management (DISM)
We recommend updating your Windows 10 (Enterprise, Pro, and Home editions), Windows Server 2019, and Windows Server 2016 OS installation images with the latest antivirus and antimalware updates. Keeping your OS installation images up to date helps avoid a gap in protection.
For more information, see Microsoft Defender update for Windows operating system installation images.
Package version: 1.1.2104.01
Platform version: 4.18.2102.4
Engine version: 1.1.18000.5
Signature version: 1.335.232.0
Fixes
- None
Additional information
- None
Package version: 1.1.2103.01
Platform version: 4.18.2101.9
Engine version: 1.1.17800.5
Signature version: 1.331.2302.0
Fixes
- None
Additional information
- None
Package version: 1.1.2102.03
Platform version: 4.18.2011.6
Engine version: 1.1.17800.5
Signature version: 1.331.174.0
Fixes
- None
Additional information
- None
Package version: 1.1.2101.02
Platform version: 4.18.2011.6
Engine version: 1.1.17700.4
Signature version: 1.329.1796.0
Fixes
- None
Additional information
- None
Package version: 1.1.2012.01
Platform version: 4.18.2010.7
Engine version: 1.1.17600.5
Signature version: 1.327.1991.0
Fixes
- None
Additional information
- None
Package version: 1.1.2011.02
Platform version: 4.18.2010.7
Engine version: 1.1.17600.5
Signature version: 1.327.658.0
Fixes
- None
Additional information
- Refreshed Microsoft Defender Antivirus signatures
Package version: 1.1.2011.01
Platform version: 4.18.2009.7
Engine version: 1.1.17600.5
Signature version: 1.327.344.0
Fixes
- None
Additional information
- None
Package version: 1.1.2011.01
Platform version: 4.18.2008.9
Engine version: 1.1.17400.5
Signature version: 1.327.2216.0
Fixes
- None
Additional information
- Added support for Windows 10 RS1 or later OS install images.
Additional resources
| Article | Description |
|---|---|
| Microsoft Defender update for Windows operating system installation images | Review antimalware update packages for your OS installation images (WIM and VHD files). Get Microsoft Defender Antivirus updates for Windows 10 (Enterprise, Pro, and Home editions), Windows Server 2019, and Windows Server 2016 installation images. |
| Manage how protection updates are downloaded and applied | Protection updates can be delivered through many sources. |
| Manage when protection updates should be downloaded and applied | You can schedule when protection updates should be downloaded. |
| Manage updates for endpoints that are out of date | If an endpoint misses an update or scheduled scan, you can force an update or scan the next time a user signs in. |
| Manage event-based forced updates | You can set protection updates to be downloaded at startup or after certain cloud-delivered protection events. |
| Manage updates for mobile devices and virtual machines (VMs) | You can specify settings, such as whether updates should occur on battery power, that are especially useful for mobile devices and virtual machines. |