• On CHOW: Sexy vampire party
June 23, 2009 2:28 PM PDT

Microsoft Security Essentials not quite a must-have

by Seth Rosenblatt
  • Font size
  • Print
  • 69 comments

Updated June 25 at 12:50 p.m. PDT: Several commenters pointed out a secondary scanning process that runs while a scan is running. While Microsoft Security Essentials uses little memory when not scanning, during a second round of tests it used 60MB to 70MB of RAM, while consuming around 200MB of Virtual Memory.

Updated June 24 at 11:30 a.m. PDT: The 75,000 available slots for testing Security Essentials have been taken. There is no word at the moment whether Microsoft will allow more testers to download the public beta in the future.

Microsoft on Tuesday released its latest foray into security software as a limited beta. Microsoft Security Essentials, known in development as Morro, is limited to 75,000 downloads in four countries: the United States, Israel, Brazil, and China.

Security Essentials contains all the basic features that users have come to expect from free security software: multiple built-in and customizable scan options, a scheduler, automatic definition file updates, a real-time defense shield, and rootkit protection.

Do you need Microsoft Security Essentials?

It's been a bit hard to gauge user interest at this point. Despite the download limitations, I was able to download the installer onto one computer at 10:15 a.m. PDT, and another at 10:45 a.m. Microsoft has also said that the download cap might be lifted at a later date.

This hands-on will be limited to testing the on-board features since CNET doesn't maintain a virus zoo for security reasons. Also, users should note that Security Essentials will run a Windows Genuine Advantage check before installing. If you're running an illegal copy of XP or Vista, you're out of luck here. The program will run on Windows 7 RC, and there's a separate installer for users with 64-bit operating systems. The 32-bit installer for Windows Vista and Windows 7 was small, weighing in at 4.73MB.

The main interface of Microsoft Security Essentials is streamlined and uncluttered.

(Credit: Screenshot by Seth Rosenblatt/CNET)

If you're familiar with other free antivirus solutions such as AVG or Antivir, Security Essentials will probably strike you as an incredibly similar experience. The program opens with four tabs: Home, Update, History, and Settings. When you first start the program, it will ask you to update the definition files. This was a surprisingly fast process, taking about a minute when tested on two different Windows 7 computers.

After updating the definition files, it will ask you if you want to run a Quick Scan. On both of those Windows 7 machines, the Quick Scan worked true to its name and completed in less than 10 minutes. Quick Scans are good tools if you're worried about major infections, but deep scans are recommended regularly to maintain a higher level of protection.

The Home landing page summarizes your security status, indicating whether your system has been scanned successfully, whether real-time protection is on, and if your virus and spyware definitions are up to date. A pane on the right contains scanning controls, and a pane at the bottom tells you when your next scheduled scan is. There's a link to the scheduler, as well.

Security Essentials' Full Scan took nearly an hour and a half to finish, but only used 4MB of RAM while running.

(Credit: Screenshot by Seth Rosenblatt/CNET)

The Full Scan took about 86 minutes, which is a bit long for a deep scan on fairly new, regularly-scanned computers. I didn't think that the program would turn up any risks, but somewhat notably Security Essentials didn't turn up any false positives, either. The Custom Scan lets users select specific folders or drives to scan, but it doesn't allow for customizing the type of scan used. For example, you're not going to be able to choose to scan only for rootkits or heuristics, as you can with other security programs.

The program installs a context-menu option for on-the-fly scanning in Windows Explorer, too.

What did impress me was the shockingly small memory footprint. During the most resource-intensive action you can take with the program, the full system scan, it worked itself up to using only 4.6MB of RAM. More often than not, it hung around a few bytes lower, at 3.9MB.

The Update tab tells you your definition file version numbers, when your last update was, and has an Update button so you can force an update check. The History tab shows only files detected as potentially harmful. You can sort files it's detected according to All Detected Items, Quarantined Items, or Allowed Items.

User can customize some, but not all, aspects of the program.

(Credit: Screenshot by Seth Rosenblatt/CNET)

The last tab, Settings, is where most of the customization features reside. A left sidebar list contains options for Scheduling your scans, adjusting Default actions, tweaking Real-time protection, Excluding files, folders, file types, and processes from scans, Advanced controls, and managing your Microsoft SpyNet enrollment.

Yeah, Microsoft actually called something "SpyNet."

SpyNet, apparently, is a telemetry system Microsoft uses to quality-control definition-file updates after they've been sent out. According to the Microsoft news release, SpyNet reports back on the efficacy of old definition file removal and the implementation of new definitions, as well as how detection rates on false positives.

Security Essentials users must participate in SpyNet. The default option, Basic, reports to Microsoft on where a potentially infected file came from, what your action was, what the recommended action was, and whether the action taken was successful.

Security Essentials' SpyNet malware reporting feature.

(Credit: Screenshot by Seth Rosenblatt/CNET)

The Advanced membership in SpyNet will send even more information to Microsoft, including the location on disk of your potential infection, how it has affected your computer, and how it operates. For both Basic and Advanced SpyNet membership, Microsoft warns that, "personal information might unintentionally be sent to Microsoft," but that the company "will not use this information to identify or you or contact you."

On the surface of it, this sounds like a standard security software reporting process on malware behavior, although I don't know how deep other programs go into your system behavior. However, it's definitely odd that Microsoft has chosen to call it out in this way.

It's hard to gauge any antivirus program without reliable data on its detection and removal rates. Microsoft Live's OneCare security program has a reputation for low false positives and strong "new" detection rates, but it's not clear how much of Security Essentials is built on or from OneCare. At this point, I'd advise users who are curious about Microsoft Security Essentials to try it out, but I wouldn't recommend it yet as a primary security solution without more field testing.

Seth peers into the deep, dark corners of software so that you don't have to. He has yet to suffer a single nightmare about OS/2. You can follow him on Twitter.
Topics:

Security and spyware,

Windows Software

Tags:

Microsoft Security Essentials,

Morro,

antivirus,

antimalware,

spyware,

freeware

Share:
Digg
Del.icio.us
Reddit
Recent posts from The Download Blog
Yahoo Messenger 10 waves bye to 'beta'
Multiple updates for Chrome stable and dev
NBA Basketball and a squishy driving game: iPhone apps of the week
iTunes music library makes its way to the browser
Office 2010 beta leaks early
Google buys Gizmo5 for Google Voice
Microsoft opens online mobile Marketplace
PressReader brings 1,300 newspapers to your iPhone
Add a Comment (Log in or register) Showing 1 of 2 pages (69 Comments)
by dlevinson15 June 23, 2009 2:41 PM PDT
So will this product block infected or malicious web pages? No
Will it block intrusions? No
Does it have a firewall? No
Does it have a rescue disk? No
Does it have support? No

Great idea - let's put our security in the hands of half a product with no support.
Reply to this comment
by jessiethe3rd June 23, 2009 2:44 PM PDT
It's a free virus scan... nothing mroe nothing less... Free is free. I challenge you to name a free virus scan package that's all of these things that will remain free.
by monkeyfun14 June 23, 2009 2:45 PM PDT
Its a antivirus not a security suite.

You can't really complain considering its still beta and its a free software.
by yipcanjo June 23, 2009 2:53 PM PDT
Hey dingbat...

XP, Vista and Win7 all have firewalls. Vista and Win7 have "Defender", a malware detector, built in to the OS. This is a free product that *actually* appears to function well without bogging down the system.

What is the issue here? Looks like a reasonable product.
by Williame789 June 23, 2009 3:23 PM PDT
It works really great and for the infected and malicious pages use Firefox, for the intrusion a firewall and windows have a firewall, the rescue disk use windows backup, support? it's free so don't complain.
by Vegaman_Dan June 23, 2009 10:14 PM PDT
@dlevinson15:

"So will this product block infected or malicious web pages? No"

Neither will most free security products. That's up to you, the end user, to be smart enough not to go to those sites in the first place. You surf porn and you're going to get infected.

"Will it block intrusions? No"

Actually, it will. Download and install it to find out.

"Does it have a firewall? No"

Doesn't need one- there's one in the OS already.

"Does it have a rescue disk? No"

You don't need one. This isn't Norton or Symantec. This is much easier to work with. Just Windows Recovery will work and that's built into your OS. It has been for years.

"Does it have support? No"

It's a beta. Of course it doesn't have support. Why would you expect it to? That isn't being very realistic.

I would suggest you try the product before you dismiss it so out of hand. Then you would have an informed opinion instead of just making things up as they suit you.
by Insipid_Cocktail June 24, 2009 5:51 AM PDT
@dlevinson15: First, MSE is excellent when it comes to prevention. Now, what you appear to be asking for is a security suite. This program is not a security suite. Even moreso, it's a Beta download so there's no disks that come with it. Finally, it should be common knowledge by now that security suite means good protection in one area, but unreliable protection forced upon the user in another area. Nobody should use security suites, rather they should use a combination of various defenses that don't pigeonhole the buyer into only using their one product.

For what it is, MSE, is a fine anti-virus. It can't be bashed simply because it's made by Microsoft.
by sting7k June 24, 2009 7:32 AM PDT
Does it block malicious webpages and intrusions? That's why you have Windows Defender and Windows Firewall built into Windows XP and Vista already...or just don't go to bad sites, they are easy to spot.
Does it have a firewall? Yes, one is built into Windows now; Windows Firewall.
Does it have a rescue disk? No, it's not 2003, back up to an external HDD or use System Restore which has been there for years.
Does it have support? It's free...
by Issaland June 25, 2009 11:32 AM PDT
Another Avast fanatic :/
by jacob54321 June 26, 2009 3:27 PM PDT
well these video reviews show it works maybe you should try it before you judge it

http://www.youtube.com/watch?v=qD1WfImw97E

http://www.youtube.com/watch?v=4tzKvA1cVZk
by martin_metal June 27, 2009 7:35 AM PDT
Are you realy needed of a firewall, acutally you already have 2 or more ( windows one + router one ) adding a third to this will only make them block themself..
See more comment replies
by n3td3v June 23, 2009 2:51 PM PDT
If you live in the United Kingdom you can still obtain a copy via https://connect.microsoft.com/securityessentials
Reply to this comment
by jeromey.shannon June 23, 2009 5:55 PM PDT
I was able to download the beta in Canada using this link. Thanks!
Anyone else interested, be sure to use IE, as you need to use the MS Download Manager.
by maurice 1952 June 23, 2009 3:14 PM PDT
Have here in UK just utilized Morro and have found it it to be low on resources,no doubt as M/S wanted it to be utilized on net books etc.Initialize use seems promising, this on Win7,Build 7260.
Reply to this comment
by rmva June 23, 2009 4:28 PM PDT
Seth just muster up enough courage to say "Liked it." It would have ruined his reputation as a grump.
Reply to this comment
by SlimGem June 23, 2009 4:36 PM PDT
Although I've been using AVG with my Win7 RC install, I'm going to give this a try.
What's to lose if it's all free?
Reply to this comment
by walletless June 23, 2009 6:04 PM PDT
I removed AVG and installed this.. so far pretty happy. But I don't run a virus zoo either, so it is difficult to tell the effectiveness. This product makes AVG looks like a memory hogger though :)

One word though - do not met two AV products co-exist - it is not recommended since the two products will butt-head and show false negatives.
by SlimGem June 23, 2009 10:02 PM PDT
I just downloaded and installed it a few hours ago. No problems and works fast. I did uninstall AVG first of course. With this and Windows 7 it looks like MS is really getting their act together on security.
by NotRelevent June 23, 2009 9:58 PM PDT
This article only looked at the memory usage for the UI part of MSE. Just like windows defender, the UI and the actual scanning engine run as two different processes. Sure the UI would only be taking 4 or 5MB of RAM because its not really doing much but sitting around looking pretty. The actual scanning engine process during a quick scan consumes anywhere from 30 to 60MB of RAM. Anyone running MSE look in your task manager, if I remember correctly the process is called MsMpEng.exe.
Reply to this comment
by srosenblatt June 24, 2009 1:38 PM PDT
Couldn't find MsMpEng in the process tree, or anything similarly named. However, I did install Process Explorer, which listed the Working Set size at 12.2 MB. That's still incredibly low while running a full scan, but it is three times what the Windows 7 default task manager revealed.
by uuf6429 June 24, 2009 12:03 AM PDT
What's the big deal?

MS has already released at least 2 different malware detection systems, for even down to Windows XP; Windows Defender and Live OneCare.
As to "SpyNet", where's the big news? I've seen it mentioned and got enrolled into with the installation of Windows Defender on WINDOWS XP, not Vista nor 7.

As to support/usage, which idiot does actually rely on beta software, especially software that has just been released?
Sure, go on and install it, help MS make it better. But don't expect anything "big" like more features, etc.

If I read MS right, this could be used as an in/pre-built solution into future versions of windows.

Now, don't talk to me about anti-trust crap, Linux comes with it's own anti-virus the same with it's browser. Up to date no operating system comes with so much stuff missing.
Messing with MS on this issue is simply unacceptable.

Kind regards,
Christian Sciberras
Reply to this comment
by mbenedict June 24, 2009 12:11 AM PDT
I don't get it.

MS SpyNet has been around for YEARS -- as anyone has ever used Windows Defender should know -- yet the author is writing as if this is the first time he's seen SpyNet, like it's a new feature of Security Essentials.

Scary to think this author has reviewed many anti-virus type products yet apparently didn't even know what SpyNet is. Makes me seriously doubt the quality of his reviews in its entirety.
Reply to this comment
by crazykillller June 24, 2009 12:20 AM PDT
I quote dlevinson15



So will this product block infected or malicious web pages? No
Will it block intrusions? No
Does it have a firewall? No
Does it have a rescue disk? No
Does it have support? No

Now why would someone want to download this if it does not offer total Security even when free and in its beta version? This is absolute junk and so was Windows Defender!
Reply to this comment
by jessiethe3rd June 24, 2009 7:20 AM PDT
Will it block intrusions: yes
Does it have a firewall - the os does already - yes
does it rescue disk - ythe os does already - yes
does it have support - it's a beta duh no.

It works with defender and it's a virus scan package. defender is a component of the overall solution. Why must people be such idiots?
by garethpn June 24, 2009 1:41 AM PDT
One that is definitely worth a look is Panda Cloud anti-virus ( http://www.cloudantivirus.com/ ) I started using it a couple of weeks ago, if your looking for a free firewall too then try comodo pro ( http://personalfirewall.comodo.com/download_firewall.html ) but when you install it un-tick the option for the anti-virus if you already have one installed, multiple anti-virus apps tend not to play well together.
Reply to this comment
by Chris_tan94 June 24, 2009 2:06 AM PDT
1st the program is free and beta version
2nd the program potentially to crash your system and get virus infected if u installed it
3rd products from microsoft example BitDefender Internet Security, all JUNK! except some are useful
4th since the crap is useless i think i'll continue using Kaspersky Internet Security (always reliable and
trusted)
Reply to this comment
by Weudel June 24, 2009 5:38 AM PDT
> 3rd products from microsoft all JUNK! except some are useful

um.......... your post all GREAT! except the content....
by Reticulata June 24, 2009 12:58 PM PDT
please... If you're going to troll, at least have some decent bait
by sakir1981 June 24, 2009 3:34 AM PDT
sakir
Reply to this comment
by Ho3inNK June 24, 2009 4:43 AM PDT
? ?
Reply to this comment
by SilentSkies2889 June 24, 2009 5:34 AM PDT
People who hate on Defender, Windows Firewall, Live OneCare or Security Essentials for that matter, never even once opened the said applications...

Defender has had SpyNet for years and I find it extremely useful because if I DO become infected, it pops up a notification and tells me exactly where, what the file is, what registry entries are and what the malware does to the computer, that means I can easily manually remove the malware. Windows Firewall is just as good as any other 3rd party crapware out there on the market...you just need to KNOW how to operate it since there IS Inbound/Outbound capabilities to enable if you KNOW where to look. I definietely trust Microsoft on security because, hey...let's be honest, who makes Windows? Microsoft, who knows the underlying layers of Windows more than anyone else? Microsoft, therefore I feel safe with them working on security issues. Even OneCare has detected and removed malware on my computer that NO other 3rd party AV/Firewall program could see or detect, that says a lot. For example, playing some songs on www.playlist.com would stop playing, but I'd just move along to another song, but OneCare AND Security Essentials (Morro) detected many many trojans embedded into the songs that would not play at all...hmmm.

Microsoft FTW. Let's see Apple contain any kind of security breach once their OS becomes "mainstream"...if EVER.
Reply to this comment
by sting7k June 24, 2009 7:35 AM PDT
Seriously dude. After I finally caved last year and paid for a full security suite after AVG started sucking I decided on Live OneCare. The thing is awesome. Norton and McAfee drag your system down so bad. Live OneCare uses barely an resources and can do all it's work in the background and never drags my system down. It's been working great since and my computer runs awesome. Most of these people have never even tried these programs, or I doubt they even know Windows Firewall and Defender are both running and protecting their computers already.
by sonymaster101 June 25, 2009 1:18 AM PDT
You are right. you have to admit, apple is going to be in deep **** WHEN (not if) there is a widespread security breach. Apple doesn't have the means to control things like that.

-Microsoft is being helpful to its customers
-FREE. Whats wrong with that
-effective

Microsoft has given its customers all the tools they need to prevent pc security related problems. the issue remains that most computer users in general are to stupid to use them correctly.

Apple, on the other hand, is playing a different approach. they are playing the "We don't have a problem so we don't need to take preventative measures" approach.

-Apple takes Months to release patches for Flaws in OS X, which there are MANY
-There are no security solutions available directly from apple
-very few 3rd party security programs

Apple likes to grind on So-called "PC" users categorizing them as boring, business types. all that really does is insult many potential customers.

Macs are PCs too- the only difference is the operating system.

I guarantee you, within 1 years' time from now, there will be a widespread attack on the Macintosh operating system.

Thank You for Your insight.


_______________________________________________________________
Microsoft = Win Crapple = Fail
by iceman721 June 24, 2009 7:02 AM PDT
I am anxiously looking forward to the full release of MSE & Windows 7. I waited over a year before my computer (desktop) died and I had to buy a new rig which had Vista Home Premium installed. My purchase was within a few days of Service Pack 1 being released. I unboxed my new laptop and took about 2 hours updating Windows and installing Eset Nod 32's security suite. My wife an Apple owner laughed and mocked me with her usually mantra of "You wouldn't have to do this if you'd just bought an Apple dear!". I actually like Vista after having used it for over a year now. It is stable and I don't have any issues with it. Nod 32 (now version 4) is very effective and does not slow my system down at all. Guess who 6 months into my Vista experience installed in on her Macbook using bootcamp and now uses Vista about 60% of the time (that's right my wife).

I said that to say that I think in many ways Microsoft still gets a bad rap over their previous failures (Vista ready fiasco & early Vista driver issues). If Microsoft can debut an effective Virus product that works well with Defender & the built in Firewall to essential take away most major security worries without needing too much customer interaction they will have hit a major home run. Security software is now recommended by Apple for its own products. With Windows 7 looking promising and more streamlined than Vista a free anti-virus software to work seamlessly with the OS's other security features will go a long way to stopping the defections over to the fruit fans. I can't wait to use Windows 7 & MSE together this fall.
Reply to this comment
by Renegade Knight June 24, 2009 7:17 AM PDT
Rootkit protection and a rock solid firewall should be built into the OS.
Reply to this comment
by SilentSkies2889 June 24, 2009 7:20 AM PDT
There is already a rock solid Firewall built into Vista/7, XPs firewall is a joke though, it only has Inbound protection while Vista/7 has both Inbound/Outbound protection (Vista/7 Firewall default settings are set to Inbound only, MMC.exe will enable Outbound if you know where to look :-) ).
by jaytee0 June 24, 2009 8:22 AM PDT
It is built into the OS already! My goodness people... Windows XP+ have a firewall, and they all get regular rootkit protection updates from Microsoft Update. Do some research before you post!
by mickeymjay June 24, 2009 7:22 AM PDT
This looks very promising. Honestly, this will be a perfect program when combined with the security software that windows already has in it. I am looking forward to using this on the RTM build of Windows 7. What more does a person really need? You have a firewall, an antivirus/antispyware. You even have browsers that are getting even better (Firefox, IE).
Reply to this comment
by NewEnglander June 24, 2009 8:05 AM PDT
Looks like it's in limited beta:

Thank you for your interest in joining the Microsoft® Security Essentials Beta. We are not accepting additional participants at this time. Please check back at later a date for possible additional availability.
Reply to this comment
by June 24, 2009 8:22 AM PDT
I was going to install this. But after thinking about it my NOD32 has worked so well for me up to this point why try to fix something that isn't broken. I'll tell you this I do plan on trying in sometime in the future. Maybe when my subscription runs up I'll give it a shot. My thinking on MSE is what better "free AV" category software to use than the company that created the OS that your running? That SpyNet feature doesn't bother or surprise me, all software companys' of all types gather consumer information for themselves to use either to better make their products or to sell off.

@dlevinson15 I don't think you understand what a free AV is about. Unless you get all those other features seperately free from other software makers.

Just my 2 cents!
Reply to this comment
by badcam30 June 24, 2009 8:35 AM PDT
i like this software i just downloaded it. this is used for the other half of anti virus software
Reply to this comment
Showing 1 of 2 pages (69 Comments)

Search Download Blog posts

About The Download Blog

Download.com editors cover the world of downloadable software and beyond.

Add this feed to your online news reader

The Download Blog topics

download
Site map
Help center
Our software policies
Newsletters
Submit software
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET