Balancing Security and Performance for the Teams Client
When it comes to antivirus software, it’s important to maintain a balance between system security and the usability and performance of applications. AV software can inspect literally everything that happens on a workstation in an attempt to detect and disinfect any potential threat as soon as it appears. Antivirus activity can consumes many CPU cycles and cause delays when applications access heavily-used (“hot”) files, which is why Microsoft recommends excluding some system files from scanning. ISVs make the same sort of recommendation for important files used by their products (here’s an example from CommVault).
Which brings me to the Teams client and the files that it depends on, notably locally cached data. The Teams client is not known for its swift performance and low memory use. In fact, just like Outlook desktop was accused of being a “fat pig” in its heyday, the Teams client is often referred to in similar pejorative terms. To be fair to the Teams developers, although the desktop client seemed to have an unlimited appetite for memory in the past, that demand has been trimmed recently. It’s still not a slim client, but it’s definitely not as fat as it used to be.
Excluding Important Teams Files from Windows Defender
In any case, when complaining that the Teams desktop client occasionally “stuttered” especially when the client retrieved older chats for display, it was suggested to me that I should consider excluding some important Teams files and folders from antivirus scanning. I use Windows Defender on all my PCs, so the exclusions are handled through system settings (Figure 1). Other antivirus products handle exclusions in a different manner.
Figure 1: Excluding Teams files and folders from Windows Defender
The suggested files and folders to exclude are:
Teams.exe (the Teams executable).
Update.exe (the executable that updates the Teams client).
%Appdata%\Microsoft\Teams (the Teams root data folder, which includes the Cache folder)
%LocalAppData%\Microsoft\Teams (where Teams stores files for updates in the Packages folder)
I’ve been running with these exclusions for a couple of weeks and although I cannot say that I have noticed any great increase in performance, I can likewise say that I haven’t seen any problems either. It still takes a little time for the client to retrieve and display old chats, but my unscientific perception is that the display is smoother.
The decision about how to balance security and performance is yours. In my case, I’m happy to run with these exclusions in place. Your views are invited!
Teams is a fast-moving application. One way to stay ahead of the game is to subscribe to the Office 365 for IT Pros eBook. We update the Teams content monthly.
That’s certainly a possibility that needs to be considered as you make these decisions. As with many issues to do with security, you sometimes need to trade total security against performance.
@Tony The suggested files and folders to exclude, is this suggested by Microsoft or what is the conclusion for making this statement?
Still I’m surprised there is no official guide from Microsoft for this topic so thanks for bringing it up.
The suggestion came from a member of the Teams development group in response to some questions about speeding client performance. Microsoft doesn’t tend to issue application-specific guidelines for anti-virus exclusions.
There should be no need to exclude update.exe since it’s covered by %LocalAppData%\Microsoft\Teams.
There might be an argument to use the exclude “process” feature on it (and teams.exe, for that matter). I assume that’s for when AV is hurting a given process on an ongoing basis as opposed to just when it’s being read from disk.
Hi Tony,
What about for Macs? What exclusions do you recommend to improve MS Teams performance on Macs? Common issues like voice is choppy and video is blurry etc.
Thanks
-ilyas
{"id":null,"mode":"button","open_style":"in_modal","currency_code":"EUR","currency_symbol":"\u20ac","currency_type":"decimal","blank_flag_url":"https:\/\/office365itpros.com\/wp-content\/plugins\/tip-jar-wp\/\/assets\/images\/flags\/blank.gif","flag_sprite_url":"https:\/\/office365itpros.com\/wp-content\/plugins\/tip-jar-wp\/\/assets\/images\/flags\/flags.png","default_amount":100,"top_media_type":"featured_image","featured_image_url":"https:\/\/office365itpros.com\/wp-content\/uploads\/2022\/11\/cover-141x200.jpg","featured_embed":"","header_media":null,"file_download_attachment_data":null,"recurring_options_enabled":true,"recurring_options":{"never":{"selected":true,"after_output":"One time only"},"weekly":{"selected":false,"after_output":"Every week"},"monthly":{"selected":false,"after_output":"Every month"},"yearly":{"selected":false,"after_output":"Every year"}},"strings":{"current_user_email":"","current_user_name":"","link_text":"Virtual Tip Jar","complete_payment_button_error_text":"Check info and try again","payment_verb":"Pay","payment_request_label":"Office 365 for IT Pros","form_has_an_error":"Please check and fix the errors above","general_server_error":"Something isn't working right at the moment. Please try again.","form_title":"Office 365 for IT Pros","form_subtitle":null,"currency_search_text":"Country or Currency here","other_payment_option":"Other payment option","manage_payments_button_text":"Manage your payments","thank_you_message":"Thank you for supporting the work of Office 365 for IT Pros!","payment_confirmation_title":"Office 365 for IT Pros","receipt_title":"Your Receipt","print_receipt":"Print Receipt","email_receipt":"Email Receipt","email_receipt_sending":"Sending receipt...","email_receipt_success":"Email receipt successfully sent","email_receipt_failed":"Email receipt failed to send. Please try again.","receipt_payee":"Paid to","receipt_statement_descriptor":"This will show up on your statement as","receipt_date":"Date","receipt_transaction_id":"Transaction ID","receipt_transaction_amount":"Amount","refund_payer":"Refund from","login":"Log in to manage your payments","manage_payments":"Manage Payments","transactions_title":"Your Transactions","transaction_title":"Transaction Receipt","transaction_period":"Plan Period","arrangements_title":"Your Plans","arrangement_title":"Manage Plan","arrangement_details":"Plan Details","arrangement_id_title":"Plan ID","arrangement_payment_method_title":"Payment Method","arrangement_amount_title":"Plan Amount","arrangement_renewal_title":"Next renewal date","arrangement_action_cancel":"Cancel Plan","arrangement_action_cant_cancel":"Cancelling is currently not available.","arrangement_action_cancel_double":"Are you sure you'd like to cancel?","arrangement_cancelling":"Cancelling Plan...","arrangement_cancelled":"Plan Cancelled","arrangement_failed_to_cancel":"Failed to cancel plan","back_to_plans":"\u2190 Back to Plans","update_payment_method_verb":"Update","sca_auth_description":"Your have a pending renewal payment which requires authorization.","sca_auth_verb":"Authorize renewal payment","sca_authing_verb":"Authorizing payment","sca_authed_verb":"Payment successfully authorized!","sca_auth_failed":"Unable to authorize! Please try again.","login_button_text":"Log in","login_form_has_an_error":"Please check and fix the errors above","uppercase_search":"Search","lowercase_search":"search","uppercase_page":"Page","lowercase_page":"page","uppercase_items":"Items","lowercase_items":"items","uppercase_per":"Per","lowercase_per":"per","uppercase_of":"Of","lowercase_of":"of","back":"Back to plans","zip_code_placeholder":"Zip\/Postal Code","download_file_button_text":"Download File","input_field_instructions":{"tip_amount":{"placeholder_text":"How much would you like to tip?","initial":{"instruction_type":"normal","instruction_message":"How much would you like to tip? Choose any currency."},"empty":{"instruction_type":"error","instruction_message":"How much would you like to tip? Choose any currency."},"invalid_curency":{"instruction_type":"error","instruction_message":"Please choose a valid currency."}},"recurring":{"placeholder_text":"Recurring","initial":{"instruction_type":"normal","instruction_message":"How often would you like to give this?"},"success":{"instruction_type":"success","instruction_message":"How often would you like to give this?"},"empty":{"instruction_type":"error","instruction_message":"How often would you like to give this?"}},"name":{"placeholder_text":"Name on Credit Card","initial":{"instruction_type":"normal","instruction_message":"Enter the name on your card."},"success":{"instruction_type":"success","instruction_message":"Enter the name on your card."},"empty":{"instruction_type":"error","instruction_message":"Please enter the name on your card."}},"privacy_policy":{"terms_title":"Terms and conditions","terms_body":null,"terms_show_text":"View Terms","terms_hide_text":"Hide Terms","initial":{"instruction_type":"normal","instruction_message":"I agree to the terms."},"unchecked":{"instruction_type":"error","instruction_message":"Please agree to the terms."},"checked":{"instruction_type":"success","instruction_message":"I agree to the terms."}},"email":{"placeholder_text":"Your email address","initial":{"instruction_type":"normal","instruction_message":"Enter your email address"},"success":{"instruction_type":"success","instruction_message":"Enter your email address"},"blank":{"instruction_type":"error","instruction_message":"Enter your email address"},"not_an_email_address":{"instruction_type":"error","instruction_message":"Make sure you have entered a valid email address"}},"note_with_tip":{"placeholder_text":"Your note here...","initial":{"instruction_type":"normal","instruction_message":"Attach a note to your tip (optional)"},"empty":{"instruction_type":"normal","instruction_message":"Attach a note to your tip (optional)"},"not_empty_initial":{"instruction_type":"normal","instruction_message":"Attach a note to your tip (optional)"},"saving":{"instruction_type":"normal","instruction_message":"Saving note..."},"success":{"instruction_type":"success","instruction_message":"Note successfully saved!"},"error":{"instruction_type":"error","instruction_message":"Unable to save note note at this time. Please try again."}},"email_for_login_code":{"placeholder_text":"Your email address","initial":{"instruction_type":"normal","instruction_message":"Enter your email to log in."},"success":{"instruction_type":"success","instruction_message":"Enter your email to log in."},"blank":{"instruction_type":"error","instruction_message":"Enter your email to log in."},"empty":{"instruction_type":"error","instruction_message":"Enter your email to log in."}},"login_code":{"initial":{"instruction_type":"normal","instruction_message":"Check your email and enter the login code."},"success":{"instruction_type":"success","instruction_message":"Check your email and enter the login code."},"blank":{"instruction_type":"error","instruction_message":"Check your email and enter the login code."},"empty":{"instruction_type":"error","instruction_message":"Check your email and enter the login code."}},"stripe_all_in_one":{"initial":{"instruction_type":"normal","instruction_message":"Enter your credit card details here."},"empty":{"instruction_type":"error","instruction_message":"Enter your credit card details here."},"success":{"instruction_type":"normal","instruction_message":"Enter your credit card details here."},"invalid_number":{"instruction_type":"error","instruction_message":"The card number is not a valid credit card number."},"invalid_expiry_month":{"instruction_type":"error","instruction_message":"The card's expiration month is invalid."},"invalid_expiry_year":{"instruction_type":"error","instruction_message":"The card's expiration year is invalid."},"invalid_cvc":{"instruction_type":"error","instruction_message":"The card's security code is invalid."},"incorrect_number":{"instruction_type":"error","instruction_message":"The card number is incorrect."},"incomplete_number":{"instruction_type":"error","instruction_message":"The card number is incomplete."},"incomplete_cvc":{"instruction_type":"error","instruction_message":"The card's security code is incomplete."},"incomplete_expiry":{"instruction_type":"error","instruction_message":"The card's expiration date is incomplete."},"incomplete_zip":{"instruction_type":"error","instruction_message":"The card's zip code is incomplete."},"expired_card":{"instruction_type":"error","instruction_message":"The card has expired."},"incorrect_cvc":{"instruction_type":"error","instruction_message":"The card's security code is incorrect."},"incorrect_zip":{"instruction_type":"error","instruction_message":"The card's zip code failed validation."},"invalid_expiry_year_past":{"instruction_type":"error","instruction_message":"The card's expiration year is in the past"},"card_declined":{"instruction_type":"error","instruction_message":"The card was declined."},"missing":{"instruction_type":"error","instruction_message":"There is no card on a customer that is being charged."},"processing_error":{"instruction_type":"error","instruction_message":"An error occurred while processing the card."},"invalid_request_error":{"instruction_type":"error","instruction_message":"Unable to process this payment, please try again or use alternative method."},"invalid_sofort_country":{"instruction_type":"error","instruction_message":"The billing country is not accepted by SOFORT. Please try another country."}}}},"fetched_oembed_html":false}
Excluding exe files beats the reason of having resident antivirus. In theory teams.exe can be infected with some malware and AV won’t do anything.
That’s certainly a possibility that needs to be considered as you make these decisions. As with many issues to do with security, you sometimes need to trade total security against performance.
@Tony The suggested files and folders to exclude, is this suggested by Microsoft or what is the conclusion for making this statement?
Still I’m surprised there is no official guide from Microsoft for this topic so thanks for bringing it up.
The suggestion came from a member of the Teams development group in response to some questions about speeding client performance. Microsoft doesn’t tend to issue application-specific guidelines for anti-virus exclusions.
There should be no need to exclude update.exe since it’s covered by %LocalAppData%\Microsoft\Teams.
There might be an argument to use the exclude “process” feature on it (and teams.exe, for that matter). I assume that’s for when AV is hurting a given process on an ongoing basis as opposed to just when it’s being read from disk.
Hi Tony,
What about for Macs? What exclusions do you recommend to improve MS Teams performance on Macs? Common issues like voice is choppy and video is blurry etc.
Thanks
-ilyas
I’m sorry, I don’t have a Mac so I can’t really comment. Perhaps some others might have an idea.
Microsoft Statement: How to include or exclude Teams from antivirus or DLP applications
https://learn.microsoft.com/en-us/microsoftteams/troubleshoot/teams-administration/include-exclude-teams-from-antivirus-dlp