Microsoft's Free AV Looks Good in New Test Results

Microsoft's new free Security Essentials looks like it can get the job done, according to new scanning tests conducted by AV-Test.org.

The free standalone antivirus product has caused a stir since its Tuesday release, as might be expected when the words "Microsoft" and "free" are involved. In a post on the day of its launch, I referenced AV-Test performance results from a MSE beta. We now have new results from tests conducted this week against the final product (available for download), and overall MSE looks good:

Malware detection: MSE detected 98.44 percent of AV-Tests's collected zoo of 545,034 viruses, worms, backdoors, bots and Trojans, an entirely respectable showing. However, it didn't do nearly as well when it came to detecting adware and spyware, such as bank info stealers, and detected only 90.95 percent of the 14,222 samples.

As expected, MSE detected 100 percent of the samples in the Wildlist. Most reputable AV apps detect all the Wildlist samples.

Dynamic/behavioral detection: If a program includes behavioral detection, it can identify malware based solely on how it acts on a PC. It's a useful feature for detecting brand-new malware that doesn't yet have a signature.

AV-Test found that MSE doesn't include any effective behavioral detection. However, AV-Test's Andreas Marx noted that's typically the case for standalone antivirus programs, and that you'll generally need to buy a security suite to get the feature.

Or, you can pair your free or paid standalone AV program with PC Tools' free Threatfire, which adds an impressive layer of behavioral detection to your security arsenal.

Disinfection: MSE was able to clean up all of the active components from 25 different test infections, meaning the malware was effectively neutered. As is usually the case, the program often left behind some traces of the infection, such as registry entries or a turned-off Windows firewall.

Rootkit removal: MSE did well here. It identified and removed all 25 rootkits (stealth technology used to hide other malware) used in the tests.

Scan speed: When I compared the MSE beta to other free (and finished) AV apps over the summer, it came in last for scanning speed. In these latest tests, Marx says that MSE scan speed "is quite OK when compared with other AV products" - not the fastest, but not the slowest.

False alarms: Security Essentials didn't put up any false positives for any of 600,000 known clean files used by Windows, Office and other common apps. However, as Marx notes, most of those files come from Microsoft, so a false positive would have been surprising.

Overall, these results show that Security Essentials holds its own as a free standalone antivirus app. As with most other options in that category, it doesn't provide a firewall, behavioral detection, or other security extras. But since Vista and Windows 7 already include a two-way firewall, and you can add top-notch behavioral protection with another free app, MSE looks like a good budget choice for baseline antivirus protection.

Finally, if you're interested in a good business-side opinion piece on Microsoft's move, take a look at this post from Sunbelt's Alex Eckelberry.

Subscribe to the Security Watch Newsletter

Comments