Warning message... Link to action
In MITRE's evaluation of EDR solutions, Windows Defender ATP demonstrated industry-leading optics and detection capabilities Read the blog: Insights from the MITRE evaluation
Microsoft antivirus and threat protection solutions
Microsoft provides next-generation antivirus and breach protection solutions that help make Windows 10 the most secure version of Windows yet. These and other Microsoft threat protection solutions enhance security in computers used in homes, small businesses, and enterprises, even protecting computers running earlier versions of Windows.
|Solution||Available to||Used for||Download, installation|
|Windows Defender Antivirus|| Homes,|
|Real-time detection, prevention, and removal of malware with cloud-delivered protection||Built into Windows 10 and Windows 8.1; for earlier versions of Windows, get Microsoft Security Essentials. |
Enterprises can manage Windows Defender AV with System Center Configuration Manager, Microsoft Intune, or Windows Defender ATP.
|Windows Defender Advanced Threat Protection||Enterprises||Detection of cyberattack activity in enterprise networks and breach remediation||Available on Windows 10 Enterprise; requires signup to service|
|Windows Defender Offline|| Homes,|
|External scans that find and remove threats capable of evading security checks in Windows||Built into Windows 10 version 1703; free download for older versions of Windows|
|Windows Malicious Software Removal Tool|| Homes,|
|Specialized scans to find and remove highly prevalent threats||MSRT automatically runs on Windows computers monthly as part of Windows Updates. To manually trigger scans, download the standalone version for free.|
MSRT includes only definitions for the most prevalent threats.
|Microsoft Safety Scanner|| Homes,|
|Comprehensive scans to find and remove both prevalent and less common threats||Safety Scanner is a free download that comes with the latest downloadable definitions. However, it does not support either real-time and cloud-delivered protection.|
Windows Defender Antivirus
Windows Defender Antivirus is an enterprise-grade antimalware solution built into Windows 10 and Windows 8.1. It uses the cloud, vast optics, machine learning, and behavior analysis to rapidly respond to emerging threats. A convenient and powerful solution for stopping file-based threats, Windows Defender Antivirus provides the following advantages:
To protect your computer with Windows Defender Antivirus on Windows 10, use the Windows search box to find and open the Windows Defender Security Center. Navigate to the Virus & threat protection settings and enable Real-time protection and Cloud-based protection.
Windows Defender Antivirus is also built into Windows 8.1. For older platforms, read Antivirus protection for Windows 7 and older versions of Windows.
Windows Defender ATP
Windows Defender Advanced Threat Protection (Windows Defender ATP) helps enterprises detect, investigate, and respond to breaches and other attacks facilitated by advanced persistent threats (APTs).
Windows Defender ATP uses sensors already available in Windows 10 and cloud analytics to provide fast behavioral detection of breach activity. It effectively detects both subtle activities associated with targeted attacks and broader infections caused by ransomware and other mass malware.
Windows Defender ATP provides the following advantages:
To read about Windows Defender ATP in action, visit the Windows Security blog. Windows Defender ATP is built into the core of Windows 10 Enterprise and can be evaluated free of charge.Learn more about Windows Defender ATP
Antimalware protection for Windows 7 and earlier versions of Windows
Windows Defender Antivirus is built into Windows 10 and Windows 8.1. If your computer is running Windows 7 or earlier, you can download and use Microsoft Security Essentials (MSE).
On enterprise networks, System Center Endpoint Protection (SCEP) provides a single, integrated platform that reduces your IT management and operating costs. It can be used to manage Windows Defender Antivirus on Windows 10 and Windows Server 2016 computers. On Windows 8.1 or older systems, it leverages the Endpoint Protection client, which uses the same antimalware technologies to detect and remove malware as Microsoft Security Essentials and Windows Defender Antivirus.
To assist all Windows customers, including those who are not running Windows Defender Antivirus, Microsoft provides several malware removal solutions.
Windows Defender Offline
Windows Defender Offline runs outside of Windows to remove rootkits and other threats that hide from the Windows operating system. This tool uses a small, separate operating environment, where evasive threats are unable to hide from antimalware scanners.
With Windows 10, Windows Defender Offline is built into the operating system and can run from the Windows Defender Security Center. It is provided as a separate download for previous versions of Windows.Learn more about Windows Defender Offline
Windows Malicious Software Removal Tool
The Malicious Software Remove Tool (MSRT) is released regularly through Windows Update and automatically removes the most prevalent threats. MSRT helps ensure that Windows computers, regardless of their antimalware solution, are regularly scanned for the most prevalent threats.
MSRT is also provided as a downloadble standalone tool. Customers who want to be able to address the most prevalent threats on demand can download and run the standalone version.Download MSRT
Microsoft Safety Scanner
Safety Scanner provides full, comprehensive on-demand antimalware scans. It offers robust offline scan and cleanup capabilities. However, it does not provide real-time and cloud-based protection available with Windows Defender Antivirus.
Safety Scanner covers both prevalent and less notable threats. It is recommended as a more robust alternative to MSRT.Download Safety Scanner