
[return to "Firefox engineers discover a Windows Defender bug that causes high CPU usage"]
1. ravens+Df 2023-04-05 20:06:47
>>mconle+(OP)
Windows Defender is a long-standing bug in the Windows operating system. ;)

My impression is that its invention was for the sole purpose of eradicating the idea that Windows is insecure and prone to viruses, which explains why it can be overzealous and CPU hungry.

I would only enable it for family members who don't know what they are doing. For some reason, I haven't needed any form of active virus scanning in something like 15 years. If it turns out I've been infected this entire time, the criminals sure are taking their time stealing my money, etc.

2. thewat+si 2023-04-05 20:25:24
>>ravens+Df
There's a misconception that you need to do something "stupid" to get a virus, which is simply not the case. 0 days exist, and worms are still a thing (looking at you, Samba).

A great example is that PyTorch just recently had a supply chain attack, and installing the nightly version between December 25th and December 30th, 2022 would result in your home directory getting uploaded, including SSH keys.

Chrome also just had a 0 day in 2022: CVE-2022-3075

PyTorch supply chain attack via Triton 2022/2023 - https://www.bleepingcomputer.com/news/security/pytorch-discl...

EDIT: Also, there's a misconception that Linux somehow doesn't get viruses - however, the PyTorch attack affected Linux users. Making a virus for Windows gives you far more targets than Linux, which is why they're far more common.

3. longsw+Fo 2023-04-05 20:57:30
>>thewat+si
There will always be 0 days out there, but they will always be very expensive and rare. If you have the resources to buy or find a 0-day, you definitely won't blow it by executing known malware, or other stuff which falls under what is detected by AVs. I really don't think that having AV installed will protect any user from a 0-day.

On the other side, you install very invasive AV software, which runs as a privileged user and intercepts everything that's happening on your system. They even make a great target for malware by themselves. Just recently ClamAV had a bug in its file scanner, which led to an RCE: CVE-2023-20032
