Microsoft’s Windows Security suite (also known as Windows Defender or Microsoft Defender) has come a long way. It’s been around since 2006, changing names and features over time, but for years, it wasn’t very effective. Back then, if you didn’t have a third-party antivirus on your PC, people thought you were crazy. But Microsoft has seriously upgraded Windows Security, and now it’s a solid security suite — enough that a lot of us don’t even bother with extra antivirus software anymore. That said, as Windows Security got better, so did cyber threats, and relying on it alone isn’t really enough to keep your PC safe.

4 Web protection is limited to Edge

Chrome or Firefox users don't get the same protection

Windows Security, powered by Microsoft Defender Antivirus, does a good job of keeping you safe from sketchy websites and apps. It uses SmartScreen, an anti-phishing and anti-malware tool, to filter out bad links but only if you’re using Microsoft’s own products. That means sticking with Edge instead of Chrome or Firefox, and going with Office 365 over Google Workspace or LibreOffice. If you’re browsing with Chrome or Firefox and end up on a risky site, you’ll be depending on the browser’s own security features, not Microsoft’s.

Hackers often get around antivirus software by hiding malware in links instead of attachments, so having some browsing protection is a must. Microsoft does offer security extensions for Chrome and Firefox, but they don’t offer the same level of protection and are limited to the US. You’ll either need a third-party antivirus for Windows or just be extra cautious when visiting sketchy sites, downloading random files, or clicking links in emails and social media messages.

3 You don’t get a VPN

Unless you have a Microsoft 365 subscription

Windows Security doesn’t come with a VPN, which is a key tool for staying safe online. A VPN helps protect your privacy from trackers and keeps you secure on public networks. Microsoft does offer a VPN through the Microsoft Defender app if you have a paid Microsoft 365 subscription, but it has some limitations.

Defender’s VPN is capped at 50 GB per month, with traffic throttled once you hit the limit, and it’s only available in the US, UK, Canada, and Germany. The best VPN services often provide better features, such as a kill switch (that disconnects your internet if the VPN connection drops), unlimited data, and more.

2 Password manager is missing

You can only remember so many passwords

One major gap in Windows Security is the lack of a decent password manager. With so many passwords to keep track of, people usually end up with weak ones or just reuse them everywhere. A Forbes survey showed that about 76% of Americans recycle passwords across different sites. Even Microsoft said in 2019 that there are at least 44 million accounts at risk because of reusing passwords.

Since Windows Security doesn’t come with a password manager to help you create and store strong passwords, you’ll need to go for a dedicated password manager. Many antivirus programs also include password managers these days, so that’s worth considering too.

1 No endpoint protection

Bad news for business users

Windows Security provides decent protection, but it’s not the best choice for business users. It lacks key features like endpoint protection and response, plus automated investigation and remediation. The Microsoft Defender-based security doesn’t have the capability to fully restore a device’s integrity after something like a ransomware or DDoS attack, as highlighted by the CrowdStrike disruption. These gaps make a third-party antivirus essential. Microsoft does offer Defender for Endpoint to address these issues, but it’s a paid service.

Up your cybersecurity game

Windows Security does a solid job against most cyber threats, but today’s risks call for something stronger. Sure, combining the best Windows Security features with a little common sense usually keeps you safe, but modern social engineering tricks can catch even the savviest users off guard. To step up your protection, consider investing in a third-party antivirus program for added features like web protection, a password manager, and a VPN. Or, if you’re mainly looking for privacy, you could go for a VPN service — which is often cheaper and includes a password manager.