Microsoft has released its free Security Essentials software, antivirus and antispyware protection aimed at home users. It runs on XP 32-bit, or Vista or Windows 7 32-bit or 64-bit, the only technical restriction being that Windows must validate as “genuine”. Businesses are meant to use Forefront Client Security, though “home-based small businesses” are specifically permitted in the license agreement. I installed it on my Windows 7 64-bit desktop PC.
Installation was smooth, guided by a simple wizard with a castle logo:
The trickiest moment comes when the installer recommends that you “remove other antivirus and antispyware programs”:
I am glad that Microsoft is confronting this issue, since running multiple antivirus applications is terrible for performance. It does make the point that this free software will not be good for competitors at this end of the market. The other issue is that removing other security software will probably mean a reboot as well as passing one or more dialogs pleading with you to reconsider. Do this before running the installer.
Once done, Security Essentials – a terrible, unmemorable, tongue-twisting name – announces that your computer is at risk while it goes off and downloads updates:
When the update completes, it does a quick scan, which took around 30 minutes on my machine. I let this complete – nothing was found – and then had a poke around the tabs and settings.
The user interface is nicely designed and there isn’t much to see. By default, Security Essentials will scan your PC once a week on Sunday night. You can specify quick or full scans. The software also monitors all file activity looking for malware. I get the impression that Microsoft has tried to make Security Essentials as unobtrusive as possible, which is most welcome.
One thing that did annoy me is the settings for recommended actions:
In patronising style, Microsoft offers “Recommended action” as the default when malware is detected, but does not tell you what that action is. It is explained here – for severe or high alerts, it attempts to remove the malware, while for medium or low alerts it quarantines it. However, it does seem to ask first, which is important in the case of false positives.
I couldn’t find any way of setting the frequency of updates, which surprised me.
I gave Security Essentials an easy test by downloading EICAR, a harmless file which is used for testing antivirus software. Security Essentials sprang into life:
I clicked Show details and got another red dialog offering to perform the recommended action, which was Remove. Another click, and it claimed to have done it, with the dialog turning a reassuring shade of green.
Is it any good? That’s a tough one. I don’t have high expectations of any security software based on scanning for known malware. Such software tends to fail when new viruses appear, as they do constantly. Another problem is that the bad guys can run the same security software as you, and design their malware to avoid its effects. In general, it is obvious that antivirus software has failed to prevent the spread of malware. I rate other things as more important, such as keeping systems up-to-date with patches and observing best practice concerning what you allow to execute. Unfortunately clever social engineering can often defeat good intentions.
Still, if you consider antivirus software a necessary evil, this one impresses by being nicely designed and mostly staying out of the way. If you are looking for the highest detection rates, you will have to wait for statistical analyses to be done. I am sure the commercial security companies will be quick to report on failures.
Personally I’m delighted that users can now get the Windows security center (Action Center in Windows 7) to stop bugging them without installing third-party software. Another advantage is that the software won’t stop updating when the user fails to subscribe or renew. Microsoft has plenty of incentive to get this one right, and to deliver something at least as good as the competition without slugging performance or annoying the user with advertisements and/or constant exhortations to upgrade. I think it is worth a try.