Antivirus and Antimalware

Posted by admin

Download Malwarebytes for your computer or mobile device. Whether you need cybersecurity for your home or your business, there's a version of Malwarebytes for you. Try our free virus scan and malware removal tool, then learn how Malwarebytes Premium can protect you from ransomware. Our antimalware and antivirus solutions are grounded in Webroot and are supported by the built-in Windows Defender platform and for our MSSP customers also include advanced threat detection, Windows hardening, a SIEM, and 24×7 SOC. Provides independent comparative tests and reviews for antivirus software, antimalware tools, and security software for Windows, Mac, and Android. Emsisoft Anti-Malware Home not only detects more because it uses the full power of two major antivirus and anti-malware technologies, it also scans quicker because of the efficient combination of the scanners. Any unnecessary duplicates in detection are avoided, enabling the least impact on memory and overall hardware resources.

Long before AI, back when you could choose the color of your Mac to match your room, computer viruses were simple. Threat detection was as easy as finding a “creeper system” within a line of code. Today, the original profile of a virus is nearly obsolete while more dangerous forms of malware have taken center stage. While a virus is indeed a type of malware, not all types of malware are viruses—and there are some more dangerous than others. So what’s the difference between antivirus and antimalware software?

Cybersecurity companies originally gained popularity with a tried and true “antivirus” software for one-size-fits-all virus detection. But as threats advanced, many companies kept the original “antivirus” name, often while expanding the capabilities of their threat detection. Essentially, you can find antimalware tools within some antivirus software, but not all. Malware removal tools and antivirus software are complementary to one another and can work together for the maximum amount of security on your device.

Virus vs. Malware

A computer virus spreads from user to user by replicating itself, writing its code into files. Antivirus works to identify known threats using signature-based detection, which matches file signatures against a database of known malware. In contrast, antimalware uses heuristic-based detection to proactively find code patterns that indicate a threat.

Is Antimalware the Same as Antivirus

Antivirus and antimalware were both created to detect and protect against malicious software. While the term antivirus denotes that it only protects against computer viruses, its features often protect against the many common forms of malware today. Antimalware goes one step further and focuses on broader, more advanced, software threats. For the sake of understanding the topic, we’ll refer to antivirus software with the assumption that it has not been upgraded for malware detection and protection.

Antimalware and antivirus are not the same. They complement one another to act as the highest level of defense against malicious software, along with healthy online habits. Antimalware detects more advanced forms of malware, like zero-day attacks, while antivirus software defends against the traditional, more established threats.

What Does Antivirus Mean

Basic antivirus software scans your device for known viruses. Typically, free antivirus only offers the minimum layer of protection against classic viruses like keyloggers and worms, while premium versions will protect against more advanced threats and even feature malware removal tools.

What Is Antimalware Software

Cyber threats are constantly evolving. While antivirus software can protect against common types of viruses, antimalware software works to detect new iterations of infections. Antimalware software defends against second-generation malware that classic antivirus software doesn’t always detect.

What Should Your Antivirus Software Include?

Key indicators of well-rounded antivirus software include:

  • Real-time scanning: background scanning means the program will detect threats as you encounter them.
  • Automatic updates: updates target any new forms of malware since installation.
  • Remove threats: your software should remove malware, not just detect and block it.

What to Look For In Antimalware Software

Whether you find a separate antimalware software or purchase antivirus with added capabilities, look for a program with the following:

  • Sandboxing: this controlled environment allows the software to test suspected threats and determine whether or not they’re safe to use.
  • Traffic filtering: this type of filtering protects your device by blocking access to suspicious servers and sites involved with malware distribution.
  • Proactive security: your software should scan, detect, and remove known malware threats like trojans, adware, and spyware.

Do You Need Antivirus and Antimalware?

It seems like antivirus is the lesser of the two types of security software, so why would you need both?

Antimalware focuses on new threats, while antivirus keeps you protected against the traditional versions, like worms and phishing attacks, that can still harm your device. The two complement each other, with antimalware designed to supplement antivirus protection as the cyber threat landscape becomes more sophisticated.

Think of antivirus as proactive protection against threats infecting your device while antimalware roots and destroys activated malware. Having both applications maximizes protection against the increasing threat of malware attacks.

As cyberattacks become more prevalent and clever in nature, antimalware adapts and protects. This doesn’t limit the need for antivirus protection, though. With both programs running simultaneously, plus safe web browsing habits, you’ll be as protected as possible against threats attempting to infiltrate your device.

Sources: WatchGuard Threat Lab 1, 2

Applies to:

  • Microsoft Defender Antivirus

There are two types of updates related to keeping Microsoft Defender Antivirus up to date:

  • Security intelligence updates
  • Product updates

Important

Keeping Microsoft Defender Antivirus up to date is critical to assure your devices have the latest technology and features needed to protect against new malware and attack techniques.

Make sure to update your antivirus protection even if Microsoft Defender Antivirus is running in passive mode.

To see the most current engine, platform, and signature date, visit the Security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware.

Security intelligence updates

Microsoft Defender Antivirus uses cloud-delivered protection (also called the Microsoft Advanced Protection Service or MAPS) and periodically downloads security intelligence updates to provide protection.

Note

Updates are released under the below KB numbers:

  • Microsoft Defender Antivirus: KB2267602
  • System Center Endpoint Protection: KB2461484

Cloud-delivered protection is always on and requires an active connection to the Internet to function. Security intelligence updates occur on a scheduled cadence (configurable via policy). For more information, see Use Microsoft cloud-provided protection in Microsoft Defender Antivirus.

For a list of recent security intelligence updates, see Security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware.

Engine updates are included with security intelligence updates and are released on a monthly cadence.

Product updates

Microsoft Defender Antivirus requires monthly updates (KB4052623) (known as platform updates), and will receive major feature updates alongside Windows 10 releases.

You can manage the distribution of updates through one of the following methods:

  • The usual method you use to deploy Microsoft and Windows updates to endpoints in your network.

For more information, see Manage the sources for Microsoft Defender Antivirus protection updates.

Note

Monthly updates are released in phases, resulting in multiple packages visible in your Windows Server Update Services.

Monthly platform and engine versions

For information on how to update or install the platform update, see Update for Windows Defender antimalware platform.

All our updates contain

  • performance improvements;
  • serviceability improvements; and
  • integration improvements (Cloud, Microsoft 365 Defender).

April-2021 (Platform: 4.18.2104.9 Engine: 1.1.18100.5)

 Security intelligence update version: 1.337.2.0
 Released: April 1, 2021
 Platform: 4.18.2104.9
 Engine: 1.1.18100.5
 Support phase: Security and Critical Updates

What's new

  • Additional behavior monitoring logic
  • Improved kernel mode keylogger detection

Known Issues

No known issues

March-2021 (Platform: 4.18.2103.7 Engine: 1.1.18000.5)

 Security intelligence update version: 1.335.36.0
 Released: April 1, 2021
 Platform: 4.18.2103.7
 Engine: 1.1.18000.5
 Support phase: Security and Critical Updates

What's new

  • Improvement to the Behavior Monitoring engine
  • Expanded network brute-force-attack mitigations
  • Additional failed tampering attempt event generation when Tamper Protection is enabled

Known Issues

No known issues

February-2021 (Platform: 4.18.2102.3 Engine: 1.1.17900.7)

 Security intelligence update version: 1.333.7.0
 Released: March 9, 2021
 Platform: 4.18.2102.3
 Engine: 1.1.17900.7
 Support phase: Security and Critical Updates

What's new

  • Improved service recovery through tamper protection
  • Extend tamper protection scope

Known Issues

No known issues

Previous version updates: Technical upgrade support only

After a new package version is released, support for the previous two versions is reduced to technical support only. Versions older than that are listed in this section, and are provided for technical upgrade support only.

January-2021 (Platform: 4.18.2101.9 Engine: 1.1.17800.5)

 Security intelligence update version: 1.327.1854.0
 Released: February 2, 2021
 Platform: 4.18.2101.9
 Engine: 1.1.17800.5
 Support phase: Technical upgrade support (only)

What's new

  • Shellcode exploit detection improvements
  • Increased visibility for credential stealing attempts
  • Improvements in antitampering features in Microsoft Defender Antivirus services
  • Improved support for ARM x64 emulation
  • Fix: EDR Block notification remains in threat history after real-time protection performed initial detection

Known Issues

No known issues

November-2020 (Platform: 4.18.2011.6 Engine: 1.1.17700.4)

 Security intelligence update version: 1.327.1854.0
 Released: December 03, 2020
 Platform: 4.18.2011.6
 Engine: 1.1.17700.4
 Support phase: Technical upgrade support (only)

What's new

  • Improved SmartScreen status support logging

Known Issues

No known issues

October-2020 (Platform: 4.18.2010.7 Engine: 1.1.17600.5)

 Security intelligence update version: 1.327.7.0
 Released: October 29, 2020
 Platform: 4.18.2010.7
 Engine: 1.1.17600.5
 Support phase: Technical upgrade support (only)

What's new

  • New descriptions for special threat categories
  • Improved emulation capabilities
  • Improved host address allow/block capabilities
  • New option in Defender CSP to Ignore merging of local user exclusions

Known Issues

No known issues

September-2020 (Platform: 4.18.2009.7 Engine: 1.1.17500.4)

 Security intelligence update version: 1.325.10.0
 Released: October 01, 2020
 Platform: 4.18.2009.7
 Engine: 1.1.17500.4
 Support phase: Technical upgrade support (only)

What's new

  • Admin permissions are required to restore files in quarantine
  • XML formatted events are now supported
  • CSP support for ignoring exclusion merges
  • New management interfaces for:
    • UDP Inspection
    • Network Protection on Server 2019
    • IP Address exclusions for Network Protection
  • Improved visibility into TPM measurements
  • Improved Office VBA module scanning

Known Issues

No known issues

August-2020 (Platform: 4.18.2008.9 Engine: 1.1.17400.5)

 Security intelligence update version: 1.323.9.0
 Released: August 27, 2020
 Platform: 4.18.2008.9
 Engine: 1.1.17400.5
 Support phase: Technical upgrade support (only)

What's new

  • Add more telemetry events
  • Improved scan event telemetry
  • Improved behavior monitoring for memory scans
  • Improved macro streams scanning
  • Added AMRunningMode to Get-MpComputerStatus PowerShell cmdlet
  • DisableAntiSpyware is ignored. Microsoft Defender Antivirus automatically turns itself off when it detects another antivirus program.

Known Issues

No known issues

July-2020 (Platform: 4.18.2007.8 Engine: 1.1.17300.4)

 Security intelligence update version: 1.321.30.0
 Released: July 28, 2020
 Platform: 4.18.2007.8
 Engine: 1.1.17300.4
 Support phase: Technical upgrade support (only)

What's new

  • Improved telemetry for BITS
  • Improved Authenticode code signing certificate validation

Known Issues

No known issues

June-2020 (Platform: 4.18.2006.10 Engine: 1.1.17200.2)

 Security intelligence update version: 1.319.20.0
 Released: June 22, 2020
 Platform: 4.18.2006.10
 Engine: 1.1.17200.2
 Support phase: Technical upgrade support (only)

What's new

  • Possibility to specify the location of the support logs
  • Skipping aggressive catchup scan in Passive mode.
  • Allow Defender to update on metered connections
  • Fixed performance tuning when caching is disabled
  • Fixed registry query
  • Fixed scantime randomization in ADMX

Known Issues

No known issues

May-2020 (Platform: 4.18.2005.4 Engine: 1.1.17100.2)

 Security intelligence update version: 1.317.20.0
 Released: May 26, 2020
 Platform: 4.18.2005.4
 Engine: 1.1.17100.2
 Support phase: Technical upgrade support (only)

What's new

  • Improved logging for scan events
  • Improved user mode crash handling.
  • Added event tracing for Tamper protection
  • Fixed AMSI Sample submission
  • Fixed AMSI Cloud blocking
  • Fixed Security update install log

Known Issues

No known issues

April-2020 (Platform: 4.18.2004.6 Engine: 1.1.17000.2)

 Security intelligence update version: 1.315.12.0
 Released: April 30, 2020
 Platform: 4.18.2004.6
 Engine: 1.1.17000.2
 Support phase: Technical upgrade support (only)

What's new

  • WDfilter improvements
  • Add more actionable event data to attack surface reduction detection events
  • Fixed version information in diagnostic data and WMI
  • Fixed incorrect platform version in UI after platform update
  • Dynamic URL intel for Fileless threat protection
  • UEFI scan capability
  • Extend logging for updates

Known Issues

No known issues

March-2020 (Platform: 4.18.2003.8 Engine: 1.1.16900.2)

 Security intelligence update version: 1.313.8.0
 Released: March 24, 2020
 Platform: 4.18.2003.8
 Engine: 1.1.16900.4
 Support phase: Technical upgrade support (only)

What's new

  • CPU Throttling option added to MpCmdRun
  • Improve diagnostic capability
  • Reduce Security intelligence timeout (5 min)
  • Extend AMSI engine internal log capability
  • Improve notification for process blocking

Known Issues

[Fixed] Microsoft Defender Antivirus is skipping files when running a scan.


February-2020 (Platform: - Engine: 1.1.16800.2)

 Security intelligence update version: 1.311.4.0
 Released: February 25, 2020
 Platform/Client: -
 Engine: 1.1.16800.2
 Support phase: Technical upgrade support (only)

What's new

Known Issues

No known issues

January-2020 (Platform: 4.18.2001.10 Engine: 1.1.16700.2)

Security intelligence update version: 1.309.32.0
Released: January 30, 2020
Platform/Client: 4.18.2001.10
Engine: 1.1.16700.2
 Support phase: Technical upgrade support (only)

What's new

  • Fixed BSOD on WS2016 with Exchange
  • Support platform updates when TMP is redirected to network path
  • Platform and engine versions are added to WDSI
  • Extend Emergency signature update to passive mode
  • Fix 4.18.1911.3 hang

Known Issues

[Fixed] Devices utilizing modern standby mode may experience a hang with the Windows Defender filter driver that results in a gap of protection. Affected machines appear to the customer as having not updated to the latest antimalware platform.

Important

This update:

  • is needed by RS1 devices running a lower version of the platform to support SHA2;
  • has a reboot flag for systems that have hanging issues;
  • is re-released in April 2020 and will not be superseded by newer updates to keep future availability;
  • is categorized as an update due to the reboot requirement; and
  • is only offered with Windows Update.

November-2019 (Platform: 4.18.1911.3 Engine: 1.1.16600.7)

Security intelligence update version: 1.307.13.0
Released: December 7, 2019
Platform: 4.18.1911.3
Engine: 1.1.17000.7
Support phase: No support

What's new

  • Fixed MpCmdRun tracing level
  • Fixed WDFilter version info
  • Improve notifications (PUA)
  • Add MRT logs to support files

Known Issues

When this update is installed, the device needs the jump package 4.10.2001.10 to be able to update to the latest platform version.

Microsoft Defender Antivirus platform support

Platform and engine updates are provided on a monthly cadence. To be fully supported, keep current with the latest platform updates. Our support structure is dynamic, evolving into two phases depending on the availability of the latest platform version:

  • Security and Critical Updates servicing phase - When running the latest platform version, you will be eligible to receive both Security and Critical updates to the anti-malware platform.

  • Technical Support (Only) phase - After a new platform version is released, support for older versions (N-2) will reduce to technical support only. Platform versions older than N-2 will no longer be supported.*

* Technical support will continue to be provided for upgrades from the Windows 10 release version (see Platform version included with Windows 10 releases) to the latest platform version.

During the technical support (only) phase, commercially reasonable support incidents will be provided through Microsoft Customer Service & Support and Microsoft’s managed support offerings (such as Premier Support). If a support incident requires escalation to development for further guidance, requires a non-security update, or requires a security update, customers will be asked to upgrade to the latest platform version or an intermediate update (*).
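The support phases above can be checked per device. The following PowerShell is an added example, not Microsoft's code: it maps the platform version reported by Get-MpComputerStatus to the monthly releases listed on this page. The function name, the `$DefenderReleases` table variable and the signature-age threshold are assumptions made for illustration.

```powershell
# Monthly releases copied from this page. Extend the table as new releases ship.
$DefenderReleases = @(
    [pscustomobject]@{ Release = 'April-2021';    Platform = [version]'4.18.2104.9'; Phase = 'Security and Critical Updates' }
    [pscustomobject]@{ Release = 'March-2021';    Platform = [version]'4.18.2103.7'; Phase = 'Security and Critical Updates' }
    [pscustomobject]@{ Release = 'February-2021'; Platform = [version]'4.18.2102.3'; Phase = 'Security and Critical Updates' }
    [pscustomobject]@{ Release = 'January-2021';  Platform = [version]'4.18.2101.9'; Phase = 'Technical upgrade support (only)' }
    [pscustomobject]@{ Release = 'November-2020'; Platform = [version]'4.18.2011.6'; Phase = 'Technical upgrade support (only)' }
)

function Get-DefenderUpdatePosture {
    [CmdletBinding()]
    param(
        # Output of Get-MpComputerStatus; pass a constructed object to test offline.
        $Status = (Get-MpComputerStatus),
        [object[]] $Releases = $DefenderReleases,
        # Assumption: signatures older than this many days are reported as stale.
        [int] $MaxSignatureAgeDays = 3
    )

    $platform = [version]$Status.AMProductVersion

    # Newest listed release whose platform version the device has reached.
    $match = $Releases |
        Sort-Object -Property Platform -Descending |
        Where-Object { $platform -ge $_.Platform } |
        Select-Object -First 1

    $phase   = if ($match) { $match.Phase }   else { 'Older than every release in the table' }
    $release = if ($match) { $match.Release } else { $null }

    [pscustomobject]@{
        # AMRunningMode exists from platform 4.18.2008.9 on; it is empty on older platforms.
        RunningMode      = $Status.AMRunningMode
        Platform         = $platform
        Engine           = $Status.AMEngineVersion
        SignatureVersion = $Status.AntivirusSignatureVersion
        SignatureAgeDays = $Status.AntivirusSignatureAge
        # Passive mode does not exempt a device from updates, so staleness is
        # evaluated regardless of running mode.
        SignatureStale   = ($Status.AntivirusSignatureAge -gt $MaxSignatureAgeDays)
        MatchedRelease   = $release
        SupportPhase     = $phase
    }
}

# Constructed sample (not real telemetry): a passive-mode device that stopped
# updating on the January-2021 platform.
$sample = [pscustomobject]@{
    AMProductVersion          = '4.18.2101.9'
    AMEngineVersion           = '1.1.17800.5'
    AntivirusSignatureVersion = '1.327.1854.0'
    AntivirusSignatureAge     = 12
    AMRunningMode             = 'Passive Mode'
}
Get-DefenderUpdatePosture -Status $sample

# On a Windows device with the Defender module, query the live state instead:
# Get-DefenderUpdatePosture
```

For the constructed sample the result reports the January-2021 release, the "Technical upgrade support (only)" phase and stale signatures.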

Platform version included with Windows 10 releases

The below table provides the Microsoft Defender Antivirus platform and engine versions that are shipped with the latest Windows 10 releases:

| Windows 10 release | Platform version | Engine version | Support phase |
|---|---|---|---|
| 2004 (20H1/20H2) | 4.18.1909.6 | 1.1.17000.2 | Technical upgrade support (only) |
| 1909 (19H2) | 4.18.1902.5 | 1.1.16700.3 | Technical upgrade support (only) |
| 1903 (19H1) | 4.18.1902.5 | 1.1.15600.4 | Technical upgrade support (only) |
| 1809 (RS5) | 4.18.1807.18075 | 1.1.15000.2 | Technical upgrade support (only) |
| 1803 (RS4) | 4.13.17134.1 | 1.1.14600.4 | Technical upgrade support (only) |
| 1709 (RS3) | 4.12.16299.15 | 1.1.14104.0 | Technical upgrade support (only) |
| 1703 (RS2) | 4.11.15603.2 | 1.1.13504.0 | Technical upgrade support (only) |
| 1607 (RS1) | 4.10.14393.3683 | 1.1.12805.0 | Technical upgrade support (only) |

For Windows 10 release information, see the Windows lifecycle fact sheet.

Updates for Deployment Image Servicing and Management (DISM)

We recommend updating your Windows 10 (Enterprise, Pro, and Home editions), Windows Server 2019, and Windows Server 2016 OS installation images with the latest antivirus and antimalware updates. Keeping your OS installation images up to date helps avoid a gap in protection.

For more information, see Microsoft Defender update for Windows operating system installation images.

1.1.2105.01

 Package version: 1.1.2105.01
 Platform version: 4.18.2103.7
 Engine version: 1.1.18100.6
 Signature version: 1.339.42.0

Fixes

  • None

Additional information

  • None

1.1.2104.01

 Package version: 1.1.2104.01
 Platform version: 4.18.2102.4
 Engine version: 1.1.18000.5
 Signature version: 1.335.232.0

Fixes

  • None

Additional information

  • None

1.1.2103.01

 Package version: 1.1.2103.01
 Platform version: 4.18.2101.9
 Engine version: 1.1.17800.5
 Signature version: 1.331.2302.0

Fixes

  • None

Additional information

  • None

1.1.2102.03

 Package version: 1.1.2102.03
 Platform version: 4.18.2011.6
 Engine version: 1.1.17800.5
 Signature version: 1.331.174.0

Fixes

  • None

Additional information

  • None

1.1.2101.02

 Package version: 1.1.2101.02
 Platform version: 4.18.2011.6
 Engine version: 1.1.17700.4
 Signature version: 1.329.1796.0

Fixes

  • None

Additional information

  • None

1.1.2012.01

 Package version: 1.1.2012.01
 Platform version: 4.18.2010.7
 Engine version: 1.1.17600.5
 Signature version: 1.327.1991.0

Fixes

  • None

Additional information

  • None

1.1.2011.02

 Package version: 1.1.2011.02
 Platform version: 4.18.2010.7
 Engine version: 1.1.17600.5
 Signature version: 1.327.658.0

Fixes

  • None

Additional information

  • Refreshed Microsoft Defender Antivirus signatures

1.1.2011.01

 Package version: 1.1.2011.01
 Platform version: 4.18.2009.7
 Engine version: 1.1.17600.5
 Signature version: 1.327.344.0

Fixes

  • None

Additional information

  • None

1.1.2009.10

 Package version: 1.1.2011.01
 Platform version: 4.18.2008.9
 Engine version: 1.1.17400.5
 Signature version: 1.327.2216.0

Fixes

  • None

Additional information

  • Added support for Windows 10 RS1 or later OS install images.

Additional resources

| Article | Description |
|---|---|
| Microsoft Defender update for Windows operating system installation images | Review antimalware update packages for your OS installation images (WIM and VHD files). Get Microsoft Defender Antivirus updates for Windows 10 (Enterprise, Pro, and Home editions), Windows Server 2019, and Windows Server 2016 installation images. |
| Manage how protection updates are downloaded and applied | Protection updates can be delivered through many sources. |
| Manage when protection updates should be downloaded and applied | You can schedule when protection updates should be downloaded. |
| Manage updates for endpoints that are out of date | If an endpoint misses an update or scheduled scan, you can force an update or scan the next time a user signs in. |
| Manage event-based forced updates | You can set protection updates to be downloaded at startup or after certain cloud-delivered protection events. |
| Manage updates for mobile devices and virtual machines (VMs) | You can specify settings, such as whether updates should occur on battery power, that are especially useful for mobile devices and virtual machines. |