Hands On with Microsoft Security Essentials – terrible name, but product looks good

Microsoft has released its free Security Essentials software, antivirus and antispyware protection aimed at home users. It runs on XP 32-bit, or Vista or Windows 7 32-bit or 64-bit, the only technical restriction being that Windows must validate as “genuine”.  Businesses are meant to use Forefront Client Security, though “home-based small businesses” are specifically permitted in the license agreement. I installed it on my Windows 7 64-bit desktop PC.

Installation was smooth, guided by a simple wizard with a castle logo:

The trickiest moment comes when the installer recommends that you “remove other antivirus and antispyware programs”:

I am glad that Microsoft is confronting this issue, since running multiple antivirus applications is terrible for performance. It does make the point that this free software will not be good for competitors at this end of the market. The other issue is that removing other security software will probably mean a reboot as well as passing one or more dialogs pleading with you to reconsider. Do this before running the installer.

Once done, Security Essentials – a terrible, unmemorable, tongue-twisting name – announces that your computer is at risk while it goes off and downloads updates:

When the update completes, it does a quick scan, which took around 30 minutes on my machine. I let this complete – nothing was found – and then had a poke around the tabs and settings.

The user interface is nicely designed and there isn’t much to see. Be default Security Essentials will scan your PC once a week on Sunday night. You can specify quick or full scans. The software also monitors all file activity looking for malware. I get the impression that Microsoft has tried to make Security Essentials as unobtrusive as possible, which is most welcome.

One thing that did annoy me is the settings for recommended actions:

In patronising style, Microsoft offers “Recommended action” as the default when malware is detected, but does not tell you what that action is. It is explained here – for severe or high alerts, it attempts to remove the malware, while for medium or low alerts it quarantines it. However, it does seem to ask first, which is important in the case of false positives.

I couldn’t find any way of setting the frequency of updates, which surprised me.

I gave Security Essentials an easy test by downloading eicar, a harmless file which for testing antivirus software. Security Essentials sprang into life:

I clicked Show details and got another red dialog offering to perform the recommended action, which was Remove. Another click, and it claimed to have done it, with the dialog turning a reassuring shade of green.

Is it any good? That’s a tough one. I don’t have high expectations of any security software based on scanning for known malware. Such software tends to fail when new viruses appear, as they do constantly. Another problem is that the bad guys can run the same security software as you, and design their malware to avoid its effects. In general, it is obvious that antivirus software has failed to prevent the spread of malware. I rate other things as more important, such as keeping systems up-to-date with patches and observing best practice concerning what you allow to execute. Unfortunately clever social engineering can often defeat good intentions.

Still, if you consider antivirus software a necessary evil, this one impresses by being nicely designed and mostly staying out of the way. If you are looking for the highest detection rates, you will have to wait for statistical analyses to be done. I am sure the commercial security companies will be quick to report on failures.

Personally I’m delighted that users can now get the Windows security center (Action Center in Windows 7) to stop bugging them without installing third-party software. Another advantage is that the software won’t stop updating when the user fails to subscribe or renew. Microsoft has plenty of incentive to get this one right, and to deliver something at least as good as the competition without slugging performance or annoying the user with advertisements and/or  constant exhortations to upgrade. I think it is worth a try.

6 thoughts on “Hands On with Microsoft Security Essentials – terrible name, but product looks good”

  1. Did it slow your computer booting up?

    I only ask because I’ve noticed that after installing AVG, my computer takes a bit longer to run after I log in. It’s not a considerable long time, but noticeable.

    My laptop is a Dell Latitude D830, Core 2 Duo 2.50GHz, 4Mb RAM.

  2. @Adrian

    I’ve just rebooted – not noticeably slower than before, but I didn’t time it before and after unfortunately.

    AVG has got bloated. I’d certainly expect this to slug performance less than AVG with everything enabled.


  3. I have a fresh installation of Windows 7 Ultimate x64 with nothing else installed but Microsoft Office 2007.

    I installed Microsoft Security Essentials x64 a few days ago, and since then my IE8 browser takes about 45-60 seconds to open up and become responsive, and then locks up for 1+min whenever I try to hit a web page.

    If I turn off Security Essentials, IE8 works fine. Is this a known issue? My system is up-to-date with all available patches from Windows Update…

  4. I installed Microsoft Security Essentials on 7/15/10.
    I NEED to control when the automatic updates are downloaded.
    MSE does not offer me an option to “Notify me before downloading”.
    Every time I get on my computer, MSE grabs my computer and downloads updates for hours and I can’t even use my computer.
    Do you know any way to disable automatic updates on MSE without turning of realtime protection, which means you will have no protection.
    I heard that the earlier versions of MSE had a disable automatic update feature. I also heard that the newer MSE version, which came out about 2 weeks ago, does not have this feature.

Comments are closed.