Microsoft Security Essentials shakes up consumer antivirus
Analysis Early tests with the full version of Microsoft's new free malware scanner software reveals a no-frills security package that does what it says on the tin.
Microsoft Security Essentials offers a significant opportunity to improve internet hygiene in much the same way Windows firewall brought a then endemic worm problem to heel six years ago. The technology also has the potential to shake up the consumer antivirus marketplace, particularly for vendors who offer free anti-malware protection.
Demand for a beta version of Microsoft Security Essentials back in June far exceeded Redmond's plans for limited trials, prompting the closure of downloads after less than a day. Tuesday's release of the full version of Essentials went far more smoothly, with no reports of major problems.
We gave the software a quick spin and found the initial install process quick and painless. After downloading a 8.6MB installation file to a test PC we downloaded virus definition updates, a process that took about five minutes. The initial scan took 18 minutes on the Win XP machine we used for the test, with a later quick scan running much more quickly.
Stripped down scanner
Testing MSE's effectiveness in detecting and removing malware was beyond the scope of our quick run through.
Microsoft execs were at pains to describe Microsoft Security Essentials as a full-featured anti-malware scanner. The software offers protection against spyware, Trojan and computer viruses but it lacks many of the bells and whistles of third-party alternatives. This is your older brother's anti-virus scanner, circa 2001 vintage perhaps, and no worse for that.
The software omits firewall and anti-phishing protection by design. Also absent is anything like AVG's sometimes controversial Linkscanner technology for accessing the security of sites offered up through search engines in real time. Host-based intrusion prevention, as offered with Norton Internet Security and higher end consumer suites, is also omitted. As a consumer, and perhaps home office product, management features have also been excluded as unneeded.
The software is focused solely on malware detection and clean-up. It's an unobtrusive app with a basic, unfussy user interface.
These are all good design decisions for an entry level scanner that aims to offer an easy security alternative to consumers, many (perhaps as many as half) of who are running Windows PC without up-to-date protection.
Microsoft is offering the software through download via a microsite or Windows Security Centre. It won't be bundled with Windows 7 or offered as part of a monthly patch update. However, MSE may be bundled onto new PCs by OEMs, though not very widely.
Symantec and McAfee will continue to offer a far more financially attractive deal to top-tier manufacturers who bundle trial versions of its security suites.
Scareware buster also threatens AVG
The availability of a free-of-extra-charge malware scanner from Microsoft has the potential to make a serious dent in the booming scareware business. Users are encouraged to buy fake anti-virus software of dubious value on the basis of supposed security threats to their PC - every day brings new reports of such scams (examples posing as Firefox warning here and information about earthquakes off Samoa here), which are normally run through compromised websites promoted through black-hat search engine optimisation techniques.
The availability of anti-virus software from Microsoft undermines he credibility of such scams, even though it's unlikely to kill them off.
The release of MSE also threatens free anti-virus players, such as AVG and Avira, whose business model has relied on coaxing a percentage of its users into upgrading, sometimes using irksome tactics. Each would do better to focus on the small business marketplace but may have trouble displacing the likes of Panda and Kaspersky in that arena. The timing of the change is particularly unfortunate for AVG, which has been on the hunt for a new chief exec since July.
With Microsoft Security Essentials, Redmond is trying to offer basic protection to Windows PCs, so helping it to improve its spotty reputation for security and fend off a renewed challenge from Apple. Greater use of its client software will help it to make sales of its enterprise anti-virus and security software, while tying up the opposition (McAfee and Symantec) at fending off an arguably modest threat to consumer security suite sales.
MSE doesn't address the market for consumers who want more comprehensive protection, so established consumer security suite brands such as Kaspersky and Norton are unlikely to be hard hit. Nonetheless Symantec, AVG at al are likely to belittle Microsoft's efforts over the coming days as part of defensive marketing strategies. ®
Too bad that all Malware gangs are going to circumvent it.
The biggest problem with MSE is that it's only a scanner and lacks all advanced heuristics of modern packages.
Which means that it is ok for cleaning up system that got infected about a month ago, and rather useless in preventing the infection in the first place.
Almost all malware is professionally produced nowadays, and bad guys use their in house equivalent of Virus Total to make sure that all major scanners will miss their malware.
Or at least that is what I have seen when watching big AV vendors scanner results on any new malware family, it's almost certain that none of the big vendors detect the malware just with the scanner.
But when you try to infect a system with new malware it's totally a different story, the heuristics in Symantec, Trend, F-Secure, etc usually are pretty good on spotting suspicious code and ask customer for sample upload.
Being OLD and BAD TEMPERED - with a LONG memory
Almost all of the "Save yo' Ass" Microsoft software is worthless bullshit.
It's the cheapest, lowest standard, minimal effectiveness, lowest investment, lipstick on a pig software since the last worthless security software offering by Microsoft.
In terms of effectiveness - "It's as useful as a postage stamp on a letter going into the paper shredder......."
Get it? Use it? I wouldn't even bother downloading it.
I have only used the RC version of Windows 7 so the retail package maybe different. The user can opt out and disable most if not all of the data collection services that will run if the user accepts all of MS recommended settings. Microsoft also inform the user of the nature of the data collected, so this data collection is not underhand as such. However most users and nearly all new users to Windows 7 will accept and opt in to the data collection services because the wording in the opt in/out dialogues hint that it would be a bad thing to turn them off.
Here are some links discussing what Windows Vista/7 does regarding user data collection.
I will let you decide if you feel you are being spied upon.
A default install accepting all of MS recommended settings enables the following
WMP: sends usage data to MS
Media Center: joins the Customer Experience Program and sends usage data to MS.
IE8: Suggested Sites sends browsing history to MS
IE8: Smart Screen Filter sends website addresses you visit to MS.
The Customer Experience Program sends Windows usage data including installed apps and app usage, the file and folder structure of your PC and system specific hardware data to MS amongst other things.
This data collection can be either opted out from or disabled, but your average user is just going to accept the defaults and MS recommendations for fear of something not working properly.
Microsoft state that spyware is something that collects user data/info without informing the user. I would call that covert spyware, MS spyware is overt spyware. Whatever hairs one wants to split it is still spyware.