Windows security in '22: you need more than just antivirus software

Do you need an antivirus in 2022 – especially when some options now come with a built-in cryptominer?

Several antivirus vendors – some free options, others paid – have started bundling their antivirus products with software that generates virtual currency. Of all the requirements of an antivirus, using excess cycles on your computer to generate cryptocurrency is not on my list of must-haves.

Recently, Krebs on Security noted that Norton Antivirus and Avira have told users that their respective software versions now include a cryptominer. Although it’s not enabled by default, it still gives me pause: antivirus is supposed to protect us from this kind of potentially unwanted software, and these two vendors are now including it in their products.

I have often thought that having no antivirus software is often better than the various options available. I have followed patch installations on Windows platforms for years and have often seen bad interactions between antivirus software and Windows updates. At the start of the Windows 7 release cycle, I regularly advised users to uninstall antivirus software before applying security updates or service packs to avoid issues. Some users have also seen side effects with browsers and had to uninstall or reinstall their antivirus software for their browser to work properly. (Even with Windows 10, it’s important to make sure that users are running a supported version of antivirus.)

Just think of the number of times Microsoft has historically used install blocks due to interaction with antivirus products.

As Microsoft explained in one case in 2018: “The compatibility issue arises when anti-virus applications make unsupported calls to Windows kernel memory. These calls can cause Stop errors (also known as blue screen errors) that prevent the device from starting. To avoid these Stop errors, Microsoft is currently only offering the Windows security updates of January and February 2018 to devices that are running antivirus software from antivirus software vendors that have confirmed their antivirus software is compatible by setting a required registry key.”

The problem then was that some antivirus vendors used undocumented code hooks – rather than logging into Windows Firewall – to perform virus scans. When installing a service pack, these hooks in the Windows kernel would conflict with the new code and trigger blue screens or, at a minimum, cause the service pack installation to be cancelled.

For small businesses with 300 or fewer users, Microsoft is testing Microsoft Defender for Business, a security suite that adds the ability to manage, track, and protect against threats in a network. In addition to finding and alerting on issues, it also provides actionable platform-specific security tips. It will often recommend attack surface reduction rules that can help make your network more secure. If you are a small business, I recommend that you take a look at the overview to see if your network would benefit from further advice.

For home users, I remain a fan of Microsoft Defender, which is built into both Windows 10 and 11. While some prefer a third-party vendor to be on the lookout for security issues – they argue that sticking with Defender is like letting the fox guard the chicken coop – my philosophy is that any form of antivirus is reactionary, not proactive. Antivirus is not the best tool for filtering emails against phishing attacks, nor the best tool for checking where you are browsing online. You need security services in front of your computer, not just something that checks the software on your computer.

Security is more than antivirus these days. Start with the basics, such as your email provider, and go through your options. If you’re still using the same ISP-based email from 20 years ago, it’s time to investigate other email services that could do a better job of scanning and screening for attacks. And your options extend beyond Gmail and Outlook; look for services like Protonmail for secure and encrypted email.

Then use a password manager to keep track of passwords or even (gasp!) write down your passwords in a small notepad. Writing down passwords is not the main problem these days; it is the fact that many users regularly reuse the same passwords on various websites. Thus, if a site is breached, attackers can try these stolen passwords elsewhere and often get in.

The next key step in security is to back everything up. Then back it up again, preferably using offline backup media. This way, if ransomware hits your computer, attackers will not be able to encrypt your backups as well. Don’t make one backup; make several.

Secure your home network by making sure that your router has the latest firmware and that its password is secure. Security blogger Corey Parker has some great suggestions for reviewing the DHCP list to see who has connected to your home network. If you don’t recognize a device listed there, turn it off. If you accidentally turn off a streaming device that you use every day, you can turn it back on. This time, however, document what each device is so that you know exactly what connects to your network.
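The DHCP-list review described above, as an added example (not from the article or from Corey Parker): it compares a lease list with a documented device inventory and flags anything unlisted. It assumes the router can export leases in dnsmasq's lease-file format; the leases, MAC addresses and inventory entries are constructed sample data.

```python
# Added example: compare a router's DHCP leases with a documented inventory.
# Assumed input format (dnsmasq): <expiry-epoch> <mac> <ip> <hostname> <client-id>
# All leases and inventory entries below are constructed sample data.

SAMPLE_LEASES = """\
1700000000 3c:22:fb:10:20:30 192.168.1.20 living-room-tv 01:3c:22:fb:10:20:30
1700000500 A4:83:E7:AA:BB:CC 192.168.1.21 laptop *
1700000900 da:a1:19:01:02:03 192.168.1.37 * *
1700001200 00:11:32:44:55:66 192.168.1.40 * *
malformed line
"""

# The documentation the article recommends keeping: MAC -> what the device is.
KNOWN_DEVICES = {
    "3c:22:fb:10:20:30": "Living-room streaming TV",
    "a4:83:e7:aa:bb:cc": "Work laptop",
}

def normalize_mac(mac):
    """Lower-case and use ':' separators so inventory and leases compare equal."""
    return mac.strip().lower().replace("-", ":")

def is_randomized(mac):
    """Locally administered bit set: typical of phone/laptop 'private' MACs."""
    return bool(int(mac.split(":")[0], 16) & 0x02)

def parse_leases(text):
    """Yield (mac, ip, hostname) for each well-formed lease line."""
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].isdigit():
            continue  # skip blank or malformed lines
        hostname = None if fields[3] == "*" else fields[3]
        yield normalize_mac(fields[1]), fields[2], hostname

def unknown_devices(lease_text, inventory):
    """Return leases whose MAC is not in the documented inventory."""
    known = {normalize_mac(m) for m in inventory}
    return [
        {"mac": mac, "ip": ip, "hostname": host, "randomized": is_randomized(mac)}
        for mac, ip, host in parse_leases(lease_text)
        if mac not in known
    ]

if __name__ == "__main__":
    for dev in unknown_devices(SAMPLE_LEASES, KNOWN_DEVICES):
        note = " (randomized MAC, likely a phone or laptop)" if dev["randomized"] else ""
        print(f"UNKNOWN {dev['mac']} {dev['ip']} {dev['hostname'] or '-'}{note}")
```

A device with a randomized MAC will show up as new each time it rotates its address, so the inventory is most useful for fixed devices such as TVs, printers and storage boxes.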

Update everything in a timely manner, but don’t rush. We follow this rule on the site all the time; I always recommend holding back a bit before updating. It’s a matter of timing. You want to install security updates, but not necessarily on the first day they are released.

Finally, always be on the lookout for two-factor authentication, especially for key sensitive sites. Don’t just rely on a password for access; be sure to add a text message sent to your phone as the bare minimum to protect your accounts.

The bottom line these days is that security is more than just antivirus on your computer. With that said, it’s important to choose vendor-supported and approved antivirus software for your platform. And find one that protects you from cryptominers you don’t want on your system. Bundling a cryptominer with the very software you bought for your security is not the way to go.

Copyright © 2022 IDG Communications, Inc.
