Microsoft steps into free AV market

Posted by   Virus Bulletin on   Oct 2, 2009

Security Essentials release creates expected storm of words.

Microsoft's release of its free Security Essentials product this week sparked the expected barrage of views and opinions from all angles, from those hailing the release as the end of the AV industry to those slating the free product as inadequate and pointless.

The new release is designed as a pared-down, free-for-all replacement for the now defunct OneCare, and is intended to mitigate the global malware epidemic by providing protection to those least likely to have a solution in place. Users on lower incomes and in developing nations are hoped to be among those taking advantage of the free product, and its introduction should, its makers claim, reduce the number of infected systems pumping out spam and malicious attacks around the world. It is also hoped that the release will reduce the danger of 'rogue AV' scareware, which targets unprotected users in its attempts to con victims into installing its paid-for software, a threat currently rife on the internet.

While many have suggested that the appearance of Security Essentials on the scene may herald the demise of existing free-for-home-use solutions from the likes of AVG, Alwil (avast!), and Avira (AntiVir), and indeed the rest of the AV industry, others have pointed out the likelihood of healthy competition in the free AV market bringing increasing sophistication to these free products, while also encouraging those who have tried out free solutions to move up to more complete, full-featured products.

The suggestion that it will provide protection for the downtrodden masses has been countered with the argument that those with the urge to install free security have had plenty of options for some time, while those in less developed states, who are likely to be a major part of the botnet problem, are also likely to be running unofficial, unvalidated copies of Windows, which are not supported by the new Microsoft protection offering.

Initial reviews of the product have been generally favourable, with praise for its simple, pared-down design and usability, unobtrusive system impact and decent detection levels. The fact that the product shares a core engine and detection with Microsoft's corporate Forefront product - which has shown steady improvement in independent tests in recent years as Microsoft continues to invest in its security lines - bodes well for the product's static detection abilities.

However, some commentators have criticised the apparent absence of advanced features such as dynamic detection, with one Symantec representative describing the solution as 'behind the times' after a set of test results showed Norton providing superior protection. Microsoft responded by insisting the product does include some sophisticated behavioural monitoring and reputation-based technology, and suggested that the solution is only intended as a component in an in-depth, multi-layer security regime.

"It seems unlikely that this release will revolutionise the security world the way some people have been suggesting," said John Hawes, Technical Consultant at Virus Bulletin. "People aren't going to stop investing in quality security suites with firewalls, intrusion prevention, spam filters and parental controls just because there's another free bare-bones product available. However, with Microsoft's marketing weight behind it, it should hopefully find its way onto some of those untold millions of unprotected systems out there - it should provide decent protection for them and stop their systems spamming and attacking the rest of us. If Microsoft change their mind about not letting it run on pirated copies of Windows, it would make an even bigger difference."

VB will be providing an in-depth review of Microsoft Security Essentials in the November issue. Those interested in trying it out for themselves can find out more and download it from a Microsoft microsite here. Initial views and screenshots can be found in The Register here, with summaries of an early test by AV-Test.org here at The Register, at ComputerWorld here and in the Washington Post here.

More coverage is at ZDNet here. Symantec's blog entry attacking MSE, including a link to the full test report from Dennis Labs, is here, with news coverage here and a response from Microsoft here.

Posted on 02 October 2009 by Virus Bulletin

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

Nominations opened for sixth Péter Szőr Award

Virus Bulletin is seeking nominations for the sixth annual Péter Szőr Award.

Haroon Meer and Adrian Sanabria to deliver VB2019 closing keynote

New additions to the VB2019 conference programme include a closing keynote address from Thinkst duo Haroon Meer and Adrian Sanabria and a talk on attacks against payment systems.

Free VB2019 tickets for students

Virus Bulletin is excited to announce that, thanks to generous sponsorship from Google Android, we are able to offer 20 free tickets to students who want to attend VB2019.

VB2018 paper: Lazarus Group: a mahjong game played with different sets of tiles

The Lazarus Group, generally linked to the North Korean government, is one of the most notorious threat groups seen in recent years. At VB2018 ESET researchers Peter Kálnai and Michal Poslušný presented a paper looking at the group's various…

Book your VB2019 ticket now for a chance to win a ticket for BSides London

Virus Bulletin is proud to sponsor this year's BSides London conference, which will take place next week, and we have a number of tickets to give away.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.