Expired Antivirus Protection Just as Bad as None

Credit: Oleksiy Mark/ ShutterstockCredit: Oleksiy Mark/ Shutterstock

Expiration dates aren't just for food. Antivirus programs can also go stale, and when they do, they're almost as useless as having no antivirus protection at all, according to the latest edition of a twice-yearly Microsoft study.

In its Security Intelligence Report 17, released today (November 18), Microsoft found that computers with expired antivirus protection were only slightly less likely to be infected with malware than computers with no antivirus protection at all, and almost four times as likely to be infected as computers that had up-to-date antivirus protection. 

MORE: Best PC Antivirus Software 2014

The study in SIR 17 was performed on "non-domain" computers, those that aren't controlled from large enterprise administrative servers. Non-domain computers include almost all consumer, and most small-business, PCs.

Microsoft found that PCs with frequently updated, real-time antivirus protection had only a 0.6 percent infection rate. By comparison, 2.2 percent of computers with expired antivirus protection were infected, as were 2.4 percent of computers that had no antivirus protection.

Those look like small numbers, but Microsoft also found that 10 percent of non-domain Windows 8 and Windows 8.1 computers were running expired antivirus protection.

How do PC owners end up with expired antivirus programs? Often, newly purchased machines come with a month or so of free antivirus protection, and owners let that protection expire without renewing or replacing it.

Supporting this thesis, Microsoft found that the month of January 2013 had the highest percentage of computers with active antivirus software, likely correlating to people buying new computers over the holidays. After January, the percentage of actively protected computers trails off as these trial antivirus programs expire. 

"Computer users who run expired or out-of-date security software may believe that it continues to provide an adequate, if less than optimal, level of protection. ... This belief is misguided at best," according to SIR 17. 

The report also found that expired trial antivirus programs may actually put people at even more risk. Microsoft found that computers with expired antivirus programs from a certain antivirus vendor (identified only as Vendor A) were even more likely to be infected than people with no antivirus protection at all. 

"For these vendors, the existence of so many expired trial versions has a significant impact on their ability to offer protection," reads SIR 17.

Jill Scharr is a staff writer for Tom's Guide, where she regularly covers security, 3D printing and video games. You can follow Jill on Twitter @JillScharr and on Google+Follow us @tomsguide, on Facebook and on Google+.

Create a new thread in the Antivirus / Security / Privacy forum about this subject
This thread is closed for comments
    Your comment
  • firefoxx04
    Glad I invested in Malwarebytes years ago when it was $25 (for a life time subscription) or $20 per copy if you bought 3 or more.

    Have not looked back. Malwarebytes is just as if not more capable than the big names. In its infancy it was extremely light weight and found things that the bloated norton and macafee could not find. It was not invasive either, it just got rid of things and thats it.

    Lately malwarebytes has gotten bigger and flashier, its a shame. However, I still have a lifetime copy, which to my knowledge, is no longer available. It still kicks the crap out of pretty much anything despite its modern makeover that I dislike.

    OO and I forgot to mention, the free version is just as good as the paid version. You simply have to manually do a scan rather than relying on it to do things for you. This is my favorite way to go anyways. Skip free AVG, AVAST, Avir, norton, etc. Ive tried them all and I still stick with Malwarebytes.
  • Zachasaurs
    dude i just have Microsoft firewall and it keeps me safe and without viruses and its free best one possible
  • Silent Ricochet
    Pretty funny coming from a company that relies on you to manually update Windows Defender every day. (Unless you have automatic updates on. Which is honestly annoying).