Kara Spengler
I grit my teeth when people insist I run some AV, especially when their software checks for it (think corporate VPNs). I am not a "mac viruses do not exist" person but know a bit more infosec than the average user. For example, right now I am hardening my MacBook Pro even more before taking it into an environment where I KNOW that I will be waving a "please attack me" flag among people who can do so easily. In other words, a brightly coloured volunteer t-shirt at a conference I have been warned about by infosec peeps.
Actually, nowadays Windows Defender is amongst the best anti virus products around; the first thing I always do on computers I should clean up/declutter/stabilize is to delete third party anti virus software, and let Defender do its job. So if the updates need improvement, so be it, it is still better than running third party AV!
Third party anti virus products tend to interfere in the inner workings of Windows in unthought/undocumented ways, which might break important programs. And most of them are nowadays convoluted messes of bloatware, where most of the functionality people simply don't need at all nor understand. Being bloatware also makes them an attack vector for malware due to tons of security flaws.
But you don't have to take my word for this; ex-Mozilla developer Robert O'Callahan wrote a well-received and widespread blog post in 2017 about it, called "Disable Your Antivirus Software (Except Microsoft's)":
"I was just reading some Tweets and an associated Hackernews thread and it reminded me that, now that I've left Mozilla for a while, it's safe for me to say: antivirus software vendors are terrible; don't buy antivirus software, and uninstall it if you already have it (except, on Windows, for Microsoft's).
At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google's Project Zero. These bugs indicate that not only do these products open many attack vectors, but in general their developers do not follow standard security practices. (Microsoft, on the other hand, is generally competent.)
Furthermore, as Justin Schuh pointed out in that Twitter thread, AV products poison the software ecosystem because their invasive and poorly-implemented code makes it difficult for browser vendors and other developers to improve their own security. For example, back when we first made sure ASLR was working for Firefox on Windows, many AV vendors broke it by injecting their own ASLR-disabled DLLs into our processes. Several times AV software blocked Firefox updates, making it impossible for users to receive important security fixes. Major amounts of developer time are soaked up dealing with AV-induced breakage, time that could be spent making actual improvements in security (recent-ish example).
What's really insidious is that it's hard for software vendors to speak out about these problems because they need cooperation from the AV vendors (except for Google, lately, maybe). Users have been fooled into associating AV vendors with security and you don't want AV vendors bad-mouthing your product. AV software is broadly installed and when it breaks your product, you need the cooperation of AV vendors to fix it. (You can't tell users to turn off AV software because if anything bad were to happen that the AV software might have prevented, you'll catch the blame.) When your product crashes on startup due to AV interference, users blame your product, not AV. Worse still, if they make your product incredibly slow and bloated, users just think that's how your product is."
Google lead security engineer on Chrome Justin Schuh also has enough evidence on his own:
Anyway, back to the topic. If you have the right attitude, information, and tools, AV software just takes up disk space and slows things down.






