Microsoft Security Essentials: Free, So What's the Catch?

Personally, I didn't like Microsoft's Live OneCare security software; every time I worked with it on someone's computer, there was a problem of some sort. Windows Defender, however, as an antispyware tool has gained my trust over the years. But when it came to antivirus protection, I either went with no protection (which isn't a big deal because Windows 7 is so locked down that I don't see anything bypassing my superfast UAC prompt skills), AVG free antivirus protection, or -- for those times when I thought that maybe, possibly, I picked something up -- the online Trend Micro House Call scan. So far the tests have come back clean.

But by living on the edge, it will only be a matter of time before I pick something up -- which is why I was interested in Microsoft's recent release of the second version of OneCare's successor, Microsoft Security Essentials (MSE). MSE provides real-time protection for home PCs, although Microsoft is promising that enterprise support for small business is on the way. (For larger organizations, Microsoft recommends the use of its Forefront products.)

[ For more free Windows tools, see InfoWorld's "Top 10 free Windows tools for IT pros" and "Top free troubleshooting tools for Windows" | Stay up to date on the key developments in Microsoft and Windows technology with InfoWorld's Technology: Microsoft newsletter. ]

Under the hood, MSE uses the Malware Protection Engine, same as the Forefront Client Security product. Virus definitions are shared among all the key products Microsoft provides, including OneCare, Windows Defender, and Forefront. Once you install MSE, Windows Defender will be disabled because you won't need both tools operating; MSE takes over the responsibilities of malware/spyware protection from Defender.

It took me mere minutes to download the 1.0 version of MSE (2.0 is still in beta). It installed just as quickly with one catch, if you can call it that: My Windows OS had to be validated.

A tour of using MSE
The first thing MSE does is update itself with the latest virus and spyware definitions from the Microsoft Update Center. The Update portion to MSE has garnered a bit of controversy, even from within the walls of InfoWorld itself: Woody Leonhard wrote a few months back about the change MSE makes to your Windows Update settings when you install it. If you happen to be one of those folks who turns off updates, the MSE installer will turn automatic updates back on. You can go back and turn it off, but the ostensible damage is done.

(My comments on this: Oh dear! Your system may have been updated! All those security holes may now be patched. How dare Microsoft provide a free tool to protect you from malicious software and then actually allow it to be updated for your best chance at protection?)

In any case, the scanning process looks and feels like that of Windows Defender, so I was comfortable with the tool right from the start. It's easy to use and to understand; I could put this thing on my mother's computer and not worry about support calls in the middle of the night.

I ran a scan and, with fingers crossed, got a big green checkmark to indicate that I'm still safe. If I turned off the scan, the checkmark would change to orange; if a threat were detected, I'd see a big red X. It doesn't get any easier than that for notification. There are four tabs that will make sense to any typical user: Home (where you can run you scan and see your results), Update (to grab an update manually, although it updates itself several times a day), History (to show you the harmful items that have been discovered and what action was taken), and Settings (for a variety of options that resemble Windows Defender settings).

How does MSE compare to the other antivirus products?

So here's a no-cost product that works on Windows XP SP2 and later, Vista, and Windows 7. It provides real-time protection against spyware, viruses, worms, Trojans, and other malicious software. There has to be a catch somewhere: Will it eat system resources to do its job? Will it perform poorly when compared to other, more experienced, antivirus products on the market? Will it give me false positives? I had lots of questions to resolve.

For the answers, I went to the AV-Test.org site, an independent provider of test scenarios that analyze effectiveness, behavior, and speed of IT security products, to see what it had to say about MSE. The report determined the following degree of protection on the tool's 6-point scale:

  • Protection: 4.0
  • Repair: 4.5
  • Usability: 5.5

AV-Test.org detected no false positives, indicated that MSE didn't seem to hurt the performance of the systems tested, noted that MSE scored well within the industry averages across the board, and reported that MSE supposedly detected 98.4 percent of the half-million viruses, worms, and Trojans in the AV-Test.org database, along with all its known rootkits.

My eyes began to scan the chart of other products that were certified (or failed to qualify for certification) with Windows 7 by AV-Test.org, and I was shocked by what I saw. Norman Security Suite 8.0 pulled just a 2.0 for Protection and Trend Micro Internet Security Pro 2010 got only a 2.5. Neither was certified by AV-Test.org. McAfee Internet Security 2010 got a 2.0 on the Repair side and wasn't certified. Some of the more outstanding winners, so to speak, were AVG Internet Security 9.0 (scores: 5.5, 4.0, 5.0), F-Secure Internet Security 2010 (5.0, 5.0, 5.5), Kaspersky Internet Security 2010 (5.0, 5.5, 5.5), Panda Internet Security 2010 (5.5, 5.5, 5.0), and Symantec Norton Internet Security 2010 (5.5, 5.0, 5.5).

The bottom line: Microsoft Security Essentials has me protected. I look forward to version 2.0 going live and the small-business offering being made public in the very near future (as sources have indicated).

What do you think? Does MSE have a shot of being your new go-to app for antivirus protection or will you stick with old standbys that have kept you safe all along?

This article, "Microsoft Security Essentials: Free, so what's the catch?," was originally published at InfoWorld.com. Read more of J. Peter Bruzzese's Enterprise Windows blog and follow the latest developments in security and Windows at InfoWorld.com.

Subscribe to the Security Watch Newsletter

Comments