Is Anti-Virus Enough To Secure An Unsupported OS?

What is an unsupported operating system?

Operating systems, like most other kinds of software have to be updated regularly based on the changing needs and for performance improvements. Updates for an OS are majorly of two type: feature updates and security updates. As the name suggests, feature updates add new functionality to the OS (like adding tabs to the file explorer in Windows 11) while security updates focus on fixing security loopholes and preventing malwares. Usually security updates are provided for much longer period as compared to feature updates. For example, Windows 10 received its last significant feature update in 2020. 

Now that Microsoft has shifted its focus to Windows 11, Windows 10 would receive mostly security-only updates till 2025, after which it will join the ranks of unsupported Windows versions. Why can't developers provide security updates forever, when they are so small in size compared to other updates? It takes a lot of effort from the developers side to support an older operating system, as they have to continuously dig out bugs and loopholes in their operating system, while working on newer versions of it. Also from a business perspective, developers may want customers to purchase new version of the operating system.

Different operating system, different update strategies

Different operating systems like Windows, Linux, macOS, ChromeOS etc follow different approaches when it comes to delivering updates. As discussed earlier, all of these operating systems get security updates as long as the version is still supported. The duration of updates varies depending on the developers' or the organization's policy. For instance, each macOS version is supported for 3 years after its release. Each Windows 10 version gets security updates for 1.5 years. Canonical provides 5 years of support to each of the LTS releases of its Ubuntu operating system. Once this period ends, the user must upgrade their OS version to be secured in the cyber world; here comes the root question: why do some users prefer to stay on an older, and in most cases, unsupported version of their operating system? Possible reasons include:

  • Explicit requirements: Operating systems like macOS and ChromeOS are distributed only with MacBooks and ChromeBooks respectively; hence each version of these operating systems have definitions for the models that would be supported for upgrade. Once a model reaches its end of life, that is it receives its last major upgrade, the user must get a more recent system to get updates. If the user is not financially capable to purchase a new system, he or she may prefer to use their existing computers for some more time.
  • Incompatible software: In some cases users may need packages or software that no longer work on newer versions of the operating systems, and migrating the project would be costly in terms of both time and effort. So they may prefer to stay on the older version.
  • Incompatible hardware: Newer versions of the OS may have requirements that are not satisfied by the current system; for example, in order to install Windows 11, the system should have Trusted Platform Module (TPM) 2 chip, among other requirements. Many custom built PCs lack this chip and hence are officially not supported for upgrade.
  • Last but not the least, there may be UI changes that users may not like and hence do not update. For instance, many users were put off by the design overhaul in macOS Big Sur.

Understanding the need and working of security updates

Before answering the question of whether anti-virus programs can replace or act as supplement for security updates provided by the developers, it is important to understand the purpose and working of the security updates and how they differ from the services offered by antivirus programs. Anti-virus programs like Bit Defender, Quick Heal etc regularly and continuously monitor the system and detect any threats that include viruses, Trojan horses, etc based on the virus definitions, and subsequently neutralize those threats. 

Security updates, on the other hand help in patching 'loopholes' in the operating system. Operating systems, like any other software are not perfect, and vulnerabilities are found every hour; and these need to be fixed before they get exploited by the threats mentioned before. The brick wall analogy explains it well. 

Imagine a brick wall protecting a house. The wall has holes in it. Now these holes can permit animals to get inside, and also people to look inside the house perimeters. To secure the house, one can either patch these holes, or keep a guard that would constantly check for potential threats. But that guard would only look for threats around the discovered holes; if a new hole is found, the guard must be informed. The scenario of security updates is exactly this. Security updates help in patching the vulnerabilities in an operating system, that could allow attackers access to critical system functions. Since vulnerabilities are often deep into the operating system code, even the best anti-malware programs can't detect them. And since operating systems like Windows are proprietary, it comes down to the developers at the respective organizations like Microsoft to find these loopholes.

You Still Need An Antivirus

Along with the regular security patches, an anti-malware program is still recommended for continuous monitoring of threats from sources like internet and external drives. Most operating systems usually come with an anti-malware program preinstalled, like Windows Defender in case of Windows 10 and 11. Paid programs offer more features like password managers, network security etc.

Why the spotlight is on Windows

While the working of security updates and update policies discussed earlier apply more or less to all operating systems, Windows gets, as it deserves, special attention in the consideration of antivirus programs. We hardly hear Linux or Mac users installing anti virus programs: well, for the most part they don't need one. The market share of these operating systems is around 20% combined; hence attackers tend to target Windows users. Till Windows 7, Windows Security Essentials was the primary antivirus software provided out of the box. It was replaced by Windows Defender in Windows 8.1, but it remained to be less effective when compared to the leading antivirus products in the market. It was only in Windows 10 that Microsoft turned Windows Defender into a competitive and capable anti-virus software. Given that it is free and does not need any kind of subscription, most Windows users no longer install a separate anti virus program (unless it is shipped by the OEM). In fact, some antivirus programs clash with Windows Defender if not configured properly. 

Image Courtesy:


To ensure the best protection for your system, it is recommended to use a reputed anti-malware program on a supported operating system. If your system cannot run the latest version of Windows, you may consider using Linux distributions that are less taxing on your hardware, like Xubuntu. Chromebooks are also gaining popularity and are more affordable than Windows PCs. Of course, it involves a learning curve to use a new operating system, but there is no excuse to overlook system security.

Connect with me