[German]This is an exciting question that many users are certainly asking themselves: Can current antivirus software actually protect Windows 11 against current ransomware? AV-TEST GmbH wanted to find out and unleashed a series of known ransomware samples on Windows 11 systems with installed virus protection. It was observed whether the protection software stops the ransomware infection.
Advertising
In general, yes, the question should be asked: Can current antivirus software protect any Windows that is still in support from current ransomware? At least for Windows 10, the answer should be yes – although the question arises as to what the situation is like with previously unknown ransomware. Security providers advertise behavioral detection, which is also supposed to recognize unknown malware.
I stumbled across the above tweet from AV-TEST GmbH the other day about Windows 11 being the current OS and whether current antivirus software can protect this OS from current ransomware. This raised the following questions:
- What actually happens during a ransomware attack?
- Is the ransomware simply stopped, or can dangerous processes continue or do components remain in the system?
AV-TEST used 10 scenarios to evaluate ransomware currently deployed in the wild and its attack techniques SysWhispers, Reflective DLL Injection and Reflective DLL Loading. The malware was unleashed on Windows 11 systems protected with security software for enterprise and home users.
As part of the analysis, each individual attack step was analyzed and documented. Only in this way is it possible to present a detailed picture of an attack and show how the security solutions react. The comprehensive test, including a study, is part of the series of Advanced Threat Protection tests that provide important insights into the performance of cybersecurity solutions. The enterprise user solutions tested are from:
Advertising
- Acronis,
- AhnLab,
- Bitdefender (2 versions),
- Check Point,
- Xcitium,
- G DATA,
- Kaspersky (2 versions),
- Microsoft,
- Symantec,
- Trellix
- VMware
AV-TEST writes that the current evaluation shows that many security products for home users and businesses can also hold their own against actively used attack techniques as well as the latest ransomware under Windows 11. The situation is somewhat more favorable for solutions for businesses than for products for home users. In the latter category, only the three products from Kaspersky, Microsoft and PC Matic scored the full 30 points in the protection rating.
In the case of products for corporate users, a total of 9 of the 13 security solutions evaluated were able to achieve the full 30 points in the protection score: Acronis, Check Point, Xcitium, Kaspersky (both versions), Microsoft, Symantec, Trellix and VMware. The results can be read in the article Test and Study: Do Security Solutions stop Current Ransomware under Windows 11?
