Windows Defender Antivirus in Windows 10 and Windows Server 2016
- Windows Defender Advanced Threat Protection (Windows Defender ATP)
Windows Defender Antivirus is a built-in antimalware solution that provides next generation protection for desktops, portable computers, and servers.
Windows Defender Antivirus includes:
- Cloud-delivered protection for near-instant detection and blocking of new and emerging threats. Along with machine learning and the Intelligent Security Graph, cloud-delivered protection is part of the next-gen technologies that power Windows Defender Antivirus.
- Always-on scanning, using advanced file and process behavior monitoring and other heuristics (also known as "real-time protection")
- Dedicated protection updates based on machine-learning, human and automated big-data analysis, and in-depth threat resistance research
You can configure and manage Windows Defender Antivirus with:
- System Center Configuration Manager (as System Center Endpoint Protection, or SCEP)
- Microsoft Intune
- Windows Management Instrumentation (WMI)
- Group Policy
You can visit the Windows Defender Testground website at demo.wd.microsoft.com to confirm the following features are working and see how they work:
- Cloud-delivered protection
- Fast learning (including Block at first sight)
- Potentially unwanted application blocking
What's new in Windows 10, version 1803
- The block at first sight feature can now block non-portable executable files (such as JS, VBS, or macros) as well as executable files.
- The Virus & threat protection area in the Windows Security app now includes a section for ransomware protection. It includes controlled folder access settings and ransomware recovery settings.
What's new in Windows 10, version 1703
New features for Windows Defender Antivirus in Windows 10, version 1703 include:
- Updates to how the block at first sight feature can be configured
- The ability to specify the level of cloud-protection
- Windows Defender Antivirus protection in the Windows Security app
We've expanded this documentation library to cover end-to-end deployment, management, and configuration for Windows Defender Antivirus, and we've added some new guides that can help with evaluating and deploying Windows Defender AV in certain scenarios:
- Evaluation guide for Windows Defender Antivirus
- Deployment guide for Windows Defender Antivirus in a virtual desktop infrastructure environment
Minimum system requirements
Windows Defender AV has the same hardware requirements as Windows 10. For more information, see:
Functionality, configuration, and management is largely the same when using Windows Defender AV on Windows Server 2016; however, there are some differences.
Windows Defender AV in the Windows Security app Windows Defender AV on Windows Server 2016 Windows Defender AV compatibility Evaluate Windows Defender AV protection Deploy, manage updates, and report on Windows Defender AV Configure Windows Defender AV features Customize, initiate, and review the results of scans and remediation Review event logs and error codes to troubleshoot issues Reference topics for management and configuration tools