You Don’t Need to Buy Antivirus Software
You Don’t Need to Buy Antivirus Software
Updated April 21, 2020
We set out to do a standard Wirecutter guide to the best antivirus app, so we spent months researching products, reading reports from independent testing labs and institutions, and consulting experts on safe computing. And after all that, we learned that most people should neither pay for a traditional antivirus suite, such as McAfee, Norton, or Kaspersky, nor use free programs like Avira, Avast, or AVG. The “best antivirus” for most people to buy, it turns out, is nothing. Windows Defender, Microsoft’s built-in tool, is good enough for most people.
We spent dozens of hours reading results from independent labs like AV-Test and AV-Comparatives, features at many publications such as Ars Technica and PCMag, and white papers and releases by institutions and groups like Usenix, and Google’s Project Zero. We also read up on the viruses, ransomware, spyware, and other malware of recent years to learn what threats try to get onto most people’s computers today.
Over the years, we’ve also spoken with security experts, IT professionals, and The New York Times’ information security team to filter out the noise of the typical antivirus table-tennis headlines, which describe antivirus as: increasingly useless, actually it’s still pretty handy, antivirus is unnecessary, wait no it isn’t, and so on. Although we usually test all the products we’re considering, we can’t test the performance of antivirus suites any better than the experts at independent test labs already do, so we relied on their expertise.
But ultimately, relying on any one app to protect your system, data, and privacy is a bad bet, especially when almost every antivirus app has proven vulnerable on occasion. No antivirus, paid or free, can catch every malicious bit of software that arrives on your computer. You also need secure passwords, two-factor logins, data encryption, system-wide backups, automatic software updates, and smart privacy tools added to your browser. You need to be mindful of what you download, and only download software from official sources, like the Microsoft App Store and Apple Mac App Store whenever possible. You should avoid downloading and opening email attachments unless you know what they are. Check out our full guide to setting up all these security layers here.
Why we don’t recommend a traditional antivirus suite
It's insufficient for a security app to just protect against a single set of known “viruses.” There are potentially infinite malware variations that have been crypted—encoded to look like regular, trusted programs—and that deliver their system-breaking goods once opened. Although antivirus firms constantly update their detection systems to outwit crypting services, they’ll never be able to keep up with malware makers intent on getting through.
A quick terminology primer: The word malware just means "bad software" and encompasses anything that runs on your computer with unintended and usually harmful consequences. In contrast, antivirus is an out-of-date term that software makers still use because viruses, Trojan horses, and worms were huge, attention-getting threats in the 1990s and early 2000s. Technically, all viruses are a kind of malware, but not all malware is a virus.
So why shouldn’t you install a full antivirus suite from a known brand, just to be on the safe side? For many good reasons:
Two caveats to our recommendation:
Photo: Kyle Fitzgerald
If you use Windows 10, you already have a robust antivirus and anti-malware app—Windows Defender—installed and enabled by default. The AV-Test Institute’s independent testing gave Windows Defender a recommendation in December 2019, and a nearly perfect rating in performance.
Because Defender is a default app for Windows 10, by the same company that makes the operating system, it doesn’t have to upsell you or nag about subscriptions, and it doesn’t need the same kind of certificate trickery to provide deeply rooted protection for your system. It doesn’t install browser extensions or plug-ins for other apps without asking. Windows Defender does have the problem of being the default detection app that malware makers first attempt to work around. But having layers of security and good habits—especially sticking to official app stores and not downloading questionable free versions of things you should pay for, as we cover in another guide—should keep you safe from the worst kind of Defender-defeating malware.
AV-Test dinged Defender in protection back in September 2019 due to not catching some 0-day malware attacks. Defender rebounded in AV-Test’s December tests, fixing those real-world testing issues and catching 100 percent of the attacks. In any case, Defender routinely performs as well in lab tests as any paid third-party antivirus software, and when a major vulnerability was discovered in Defender in May 2017, the fix was remarkably fast—from a Friday-night disclosure to a Monday-evening patch.
No antivirus software consistently gets perfect scores from every test lab, every month, in every test, but Defender typically does as well as (or better than) the competition, is free, and it’s enabled by default.
You Don’t Need to Buy Antivirus Software
Updated April 21, 2020
We set out to do a standard Wirecutter guide to the best antivirus app, so we spent months researching products, reading reports from independent testing labs and institutions, and consulting experts on safe computing. And after all that, we learned that most people should neither pay for a traditional antivirus suite, such as McAfee, Norton, or Kaspersky, nor use free programs like Avira, Avast, or AVG. The “best antivirus” for most people to buy, it turns out, is nothing. Windows Defender, Microsoft’s built-in tool, is good enough for most people.
We spent dozens of hours reading results from independent labs like AV-Test and AV-Comparatives, features at many publications such as Ars Technica and PCMag, and white papers and releases by institutions and groups like Usenix, and Google’s Project Zero. We also read up on the viruses, ransomware, spyware, and other malware of recent years to learn what threats try to get onto most people’s computers today.
Over the years, we’ve also spoken with security experts, IT professionals, and The New York Times’ information security team to filter out the noise of the typical antivirus table-tennis headlines, which describe antivirus as: increasingly useless, actually it’s still pretty handy, antivirus is unnecessary, wait no it isn’t, and so on. Although we usually test all the products we’re considering, we can’t test the performance of antivirus suites any better than the experts at independent test labs already do, so we relied on their expertise.
But ultimately, relying on any one app to protect your system, data, and privacy is a bad bet, especially when almost every antivirus app has proven vulnerable on occasion. No antivirus, paid or free, can catch every malicious bit of software that arrives on your computer. You also need secure passwords, two-factor logins, data encryption, system-wide backups, automatic software updates, and smart privacy tools added to your browser. You need to be mindful of what you download, and only download software from official sources, like the Microsoft App Store and Apple Mac App Store whenever possible. You should avoid downloading and opening email attachments unless you know what they are. Check out our full guide to setting up all these security layers here.
Why we don’t recommend a traditional antivirus suite
It's insufficient for a security app to just protect against a single set of known “viruses.” There are potentially infinite malware variations that have been crypted—encoded to look like regular, trusted programs—and that deliver their system-breaking goods once opened. Although antivirus firms constantly update their detection systems to outwit crypting services, they’ll never be able to keep up with malware makers intent on getting through.
A quick terminology primer: The word malware just means "bad software" and encompasses anything that runs on your computer with unintended and usually harmful consequences. In contrast, antivirus is an out-of-date term that software makers still use because viruses, Trojan horses, and worms were huge, attention-getting threats in the 1990s and early 2000s. Technically, all viruses are a kind of malware, but not all malware is a virus.
So why shouldn’t you install a full antivirus suite from a known brand, just to be on the safe side? For many good reasons:
- Vulnerabilities: The nature of how antivirus apps provide protection is a problem. As detailed at TechRepublic, “Security software necessarily requires high access privileges to operate effectively, though when it is itself insecure or otherwise malfunctioning, it becomes a much higher liability due to the extent to which it has control over the system.” Symantec and Norton, Kaspersky, and most other major antivirus vendors have all had critical vulnerabilities in the past.
- Performance: Antivirus software is notorious for slowing down computers, blocking the best security features of other apps (such as the Firefox and Chrome browsers), popping up with distracting reminders and upsells for subscriptions or updates, and installing potentially insecure add-ons such as browser extensions without clearly asking for permission.
- Privacy: Free antivirus software has all of the above problems plus added privacy concerns. Good security is not free, and free-to-download apps are more likely to collect data about your computer and how you use it, sell your private browsing data, as well as to install browser extensions that hijack your search and break your security and add an advertisement to your email signature.
Two caveats to our recommendation:
- If you have a laptop provided by your work, school, or another organization, and it has antivirus or other security tools installed, do not uninstall them. Organizations have system wide security needs and threat models that differ from those of personal computers, and they have to account for varying levels of technical aptitude and safe habits among their staff. Do not make your IT department's hard job even more difficult.
- People with sensitive data to protect (medical, financial, or otherwise), or with browsing habits that take them into riskier parts of the Internet, have unique threats to consider. Our security and habit recommendations are still a good starting point, but such situations may call for more intense measures than we cover here.
Photo: Kyle Fitzgerald
If you use Windows 10, you already have a robust antivirus and anti-malware app—Windows Defender—installed and enabled by default. The AV-Test Institute’s independent testing gave Windows Defender a recommendation in December 2019, and a nearly perfect rating in performance.
Because Defender is a default app for Windows 10, by the same company that makes the operating system, it doesn’t have to upsell you or nag about subscriptions, and it doesn’t need the same kind of certificate trickery to provide deeply rooted protection for your system. It doesn’t install browser extensions or plug-ins for other apps without asking. Windows Defender does have the problem of being the default detection app that malware makers first attempt to work around. But having layers of security and good habits—especially sticking to official app stores and not downloading questionable free versions of things you should pay for, as we cover in another guide—should keep you safe from the worst kind of Defender-defeating malware.
AV-Test dinged Defender in protection back in September 2019 due to not catching some 0-day malware attacks. Defender rebounded in AV-Test’s December tests, fixing those real-world testing issues and catching 100 percent of the attacks. In any case, Defender routinely performs as well in lab tests as any paid third-party antivirus software, and when a major vulnerability was discovered in Defender in May 2017, the fix was remarkably fast—from a Friday-night disclosure to a Monday-evening patch.
No antivirus software consistently gets perfect scores from every test lab, every month, in every test, but Defender typically does as well as (or better than) the competition, is free, and it’s enabled by default.