• On TV.com: THE LAST AIRBENDER Movie Trailer
September 29, 2009 9:01 AM PDT

Security Essentials graduates to v1.0

by Seth Rosenblatt
  • Font size
  • Print
  • 71 comments

Microsoft has released version 1.0 of Security Essentials, the successor to Live OneCare. Originally known as Morro, Security Essentials retains the core features of OneCare, but abandons the additional heft of a firewall, performance tuning, and backup and restore options in exchange for making the program free. Rather than taking aim at full-featured security suites made by Symantec or Eset, the features available in Security Essentials indicate that Microsoft is aiming to compete with basic-but-free security apps.

Microsoft Security Essentials--photos

For the select 75,000 public beta testers who got their hands on the program when the limited public beta was offered in June, there will be few appreciable differences between the beta and the final version. For the rest of the planet, Security Essentials features key defenses that are boilerplate for any respectable security program.

Features

It uses both definition file and real-time defenses against viruses and spyware, and also offers rootkit protection. The program's reputation-based detection and software signature-based detection seem to rely heavily on Microsoft SpyNet, the unfortunately named cloud-based service that compares file behavior across computers running various Microsoft operating systems.

The official version 1.0 of Microsoft Security Essentials looks identical to the popular limited beta version from June 2009.

(Credit: Screenshot by Seth Rosenblatt/CNET)

SpyNet was introduced in Windows Vista and extended to Windows 7, but Microsoft Security Essentials is the only way to access the network on Windows XP. Unlike other security vendors that allow customers to take advantage of the benefits of their behavioral detection engines while opting out of submitting information, there's no way to do that with SpyNet.

You can choose between two SpyNet memberships. Basic submits to Microsoft the detected software's origins, your response to it, and whether that action was successful, while the Advanced membership submits all that plus the location on your hard drive of the software in question, how it operates, and how it has impacted your computer. Both basic and advanced warn users that personal data might be "accidentally" sent to Microsoft, although they promise to neither identify nor contact you. Opting out of SpyNet, however, is not an option in Security Essentials.

Security Essentials benefits greatly from having a simple, streamlined interface. There are four tabs, each with a concise and understandable label: Home, Update, History, and Settings. The program also uses easy-to-grasp labels, imported from OneCare: green for all good, yellow for warning, and red for an at-risk situation.

From the Home window, you can run a Quick Scan, Full Scan, or Custom Scan, and a link at the bottom of the pane lets you change the scheduled scan. The Custom Scan lets users select specific folders or drives to scan, but it doesn't allow for customizing the type of scan used. For example, you're not going to be able to choose to scan only for rootkits or heuristics, as you can with other security programs. The program installs a context-menu option for on-the-fly scanning in Windows Explorer, too.

The Update pane manages the definition file updates, with a large action button, and History provides access to a spreadsheet-style list of All detection items, your Quarantine, and items you've Allowed to run. Although it's a basic layout, this no-frills approach to security could prove appealing to computer users who are overwhelmed by more detailed security choices.

Users can choose between two options for SpyNet, but no way to not contribute to it.

(Credit: Screenshot by Seth Rosenblatt/CNET)

The Settings window allows users to further customize the program by scheduling scans, toggling default actions to take against threats, adjusting real-time protection settings, creating whitelists of excluded files, file types, and processes, and the aforementioned SpyNet options. There's also an Advanced option which is still fairly basic: here you can set Security Essentials to scan archives, removable drives, create a system restore point, or allow all users to view the History tab.

Security Essentials comes pre-configured to run a scan weekly at two in the morning, when your Microsoft thinks your system is likely to be idle. New malware signatures are downloaded once per day by default, although you can manually instigate a definition file update through the update tab. Attachments and downloaded files will be automatically scanned by Security Essentials.

Help is only available in the form of the standard offline Help manual that comes with all Microsoft programs. There's nothing fancy here.

Performance

I found that it installed in less than one minute, and completed its first Quick Scan in less than 30 seconds. The Full Scan took more than an hour to reach the halfway point, and this was borne out by tests performed by CNET Labs' benchmarks. Microsoft Security Essentials actually sped up the boot time of our test computer by more than two seconds, and it sped up the shut-down time by more than two and a half seconds. However, compared to major security vendors it was significantly slower at scanning--Security Essentials took 2,340 seconds to scan, whereas most scans would clock in between 1,000 and 1,100 seconds.

The program comes with a few options for customization, but not many.

(Credit: Screenshot by Seth Rosenblatt/CNET)

In our iTunes decoding test it scored similarly to its competition, about 7 seconds slower than an unsecured computer. In our MS Office test and media multitasking tests it was faster than some--503 seconds versus 552 seconds for Norton AntiVirus 2010 in the Office test, and 844 seconds versus 876 seconds for Trend Micro Internet Security Pro in the media test.

While running the Full Scan, I noticed that it took up about 86 MB of RAM. However, it felt far lighter, and I was able to perform resource-intensive tasks like uploading photos without any noticeable freezes.

Third-party virus detection efficacy scores were not available at the time of writing, and it's not currently clear whether Security Essentials shares the same detection engine as Live OneCare. However, CNET reporter Ina Fried mentioned that Security Essentials stopped her from accidentally coming down with a case of Koobface.

Conclusion

Microsoft Security Essentials is a lightweight security app that people might turn to for a number of key reasons. It's easy on the system resources, it's easy to figure out how to use, and it comes pre-configured. It only works on legally licensed Microsoft computers, which is understandable but potentially leaves a large segment of the unprotected population still unprotected. You can't opt out of contributing to SpyNet, which isn't understandable at all. Overall, it's recommended for those who want something to set and ignore, but users who want more robust configuration choices or don't want to contribute to the cloud should look elsewhere.

Seth peers into the deep, dark corners of software so that you don't have to. He has yet to suffer a single nightmare about OS/2. You can follow him on Twitter.
Topics:

Security and spyware,

Windows Software

Tags:

Microsoft Security Essentials,

freeware,

antivirus,

anti-malware,

anti-spyware

Share:
Digg
Del.icio.us
Reddit
Recent posts from The Download Blog
Log in with your face
See what's under McAfee's new interface
Tales2Go: Get on-demand audiobooks for children
Microsoft, Google split over browser bug bounty
Mozilla plans to drop Mac OS X 10.4 support
TweetDeck gets a few tweaks
Adobe promises faster Flash on Macs
Security software maker Vitamin D exits beta
Add a Comment (Log in or register) Showing 1 of 3 pages (71 Comments)
by dlevinson15 September 29, 2009 9:39 AM PDT
I think you need a checklist for your security reviews - you know, list all major security features, rank them in some way and test the products against it. Look at some of the features you forgot to check on MSE:<br /><br />phishing detection - no<br />IPS - no<br />detection of malicious scripts in web pages - no<br />search markup - no<br />firewall - no<br />password protection - no<br />vulnerability assessment - no<br />rescue disk - no<br />update frequency - 1 per day (though if their heuristics think something is bad they will check the file in the cloud - but the better scanners do updates at least hourly)<br />support - none<br /><br />Yes, some of those features you can get with your OS (if you like Windows firewall, for example), some come with some browsers (though the phishing protection in IE and Firefox is anemic) - all those features you can get with other software, free even. But only if you know to put together the all the parts. So given all that MSE is missing, and all the other options out their, is MSE really a good idea?
Reply to this comment
by srosenblatt September 29, 2009 9:56 AM PDT
In a word, sort of. As you noted, many of those features are available elsewhere, and they're not necessarily must-have options. For free, basic AV, MSE seems to do fine.
by Vegaman_Dan September 29, 2009 10:07 AM PDT
All excellent points, but when you go in with a negative attitude, you are only going to find negative resutls. It's clear from your comments you already made up your mind before you even started posted. Let's try that same list of criteria of yours with a more positive outlook. <br /> <br />Phishing detection - no (Allows you to let your choice of browser do this since they have it built in already. No need to duplicate efforts or slow your system down like the offerings from the major security vendors, which results in a faster system) <br />IPS - no (again, this is not needed by a free AV app) <br />detection of malicious scrips i nweb pages - no (This is the job of the web browser, not the AV. Freedom for the user to choose what they want to use) <br />Search markup - no (See previous comments) <br />Firewall - no (Built into the OS and has been for years. No need to have TWO firewalls fighting each other) <br />Password protection - no (This is not the area of protection I want an AV product for. There are other apps for this.) <br />Vulnerability assessment - no (For general state of the system, yes. It's already there, but I suspect you're talking once again about web browser duties, not AV) <br />Rescue disk - no (THANK GOODNESS! In order to have a rescue disk, you are locked into proprietary formats with huge overhead useage of system resources. I'm glad to NOT have to be locked into that solution. Need a backup? Make a backup of your files. Need an image copy? That's built into the OS itself. Why duplicate efforts?) <br />Update frequency - once per day (This is adjustable by the end user. You can scan every minute if you want- that's up to you, the end user. Again, end user choice is good) <br />Support - none (Heh, obviously you've never had to call Norton before and suffered through their 'support'. Norton's support is to tell you they are lmited only to installing or uninstalling their product. That's it. <br /> <br />So... what you're saying here is that you want an AV product to do the job of what today's modern web browsers do already. You want to have duplciation of effort and a slow down of overall performance as a result. I think you may hve overlooked some of the basic features of both the OS and the browsers currently available. Personally, I am happier to have the freedom of choice of how I want to have it configured.
6 people like this comment
by bradward747 September 29, 2009 11:37 AM PDT
Wrong is 3 times per day. Plus unless your running a hacker lab in your basement you really do not need those.
by sting7k September 29, 2009 1:08 PM PDT
If you can't spot a phishing site on your own you need to brush up. FF3 has it anyway. Windows has a built in firewall, as does your router. Password protect your Windows account. Who uses rescue discs? Set system restore to automatically create points throughout the week.
by gggg sssss September 29, 2009 6:20 PM PDT
agree with Dan
by TheDudeWithTude October 4, 2009 6:11 PM PDT
In my personal opinion, MSE is okay. However, for users who want more, get Avast. For more, get Panda IS 2010. It all depends on how much you want. And also, you're trying to make the AV do what the browser already should do. You are single minded and sighted, you idiot.
by MS_rainmaker October 4, 2009 7:23 PM PDT
they have a Support group, technical support if thats what you mean.... its a free technical support, no charge, open 24 hours. Microsoft offers free free technical support...
by unknown unknown October 4, 2009 10:41 PM PDT
Unfortunately getting marks in review checklists has lead to a lot AV package suffering massive bloat as they try to be complete security suits. Also, in order to convince consumers they're doing something they popup a message every time they do something regardless of how trivial (why I stop using Norton several years ago).<br /><br />I am using MSE precisely because it doesn't have a lot of bells and whistles/junk tacked on.
4 people like this comment
by firefoxluva95 October 5, 2009 6:03 AM PDT
This is an AV product, not a security suite. There's a difference.
by rmva September 29, 2009 9:51 AM PDT
Free is good.
Reply to this comment
by empirestatebuddy September 29, 2009 4:33 PM PDT
Agree.
by gggg sssss September 29, 2009 6:21 PM PDT
better than avg?
by n3td3v September 29, 2009 9:52 AM PDT
I've been using Microsoft Security Essentials since the Beta stage, its a good bit of kit. The most interesting feature of all on it is the Microsoft SpyNet which collects statistics on all its users.
Reply to this comment
by Fire Balls September 29, 2009 9:59 AM PDT
You can out of the "spy net" lol (yes that was a funny name for it Microsoft..) one thing it does have that not all free AV do is root kit detection. Also I have found it to be a lot better on dection then many other free AV
by jakemochas September 29, 2009 6:47 PM PDT
found a trojan that AVG missed... says "severe", but with windows 7 i haven't even noticed a slow down
by amz-ss September 29, 2009 10:12 AM PDT
Good to know that we will have more choices for free AV , I tried the AVG free one and its really good , so I'm interested in knowing how this one is compared to that one ! .
Reply to this comment
by gggg sssss September 29, 2009 6:22 PM PDT
AVG just let some crapware fake AV in one one PC, but the twit of a user did click OK. Even symantec lets in fake AV
by gggg sssss September 29, 2009 6:25 PM PDT
@dlevinson15 of course half of the worlds website wont work if javascript is diabled.
by dlevinson15 September 29, 2009 10:53 AM PDT
To reply to Vegaman<br /><br />First, thanx for the detailed reply. But I think you misunderstood some of my points.<br /><br /><br /><br />Phishing detection - no (Allows you to let your choice of browser do this since they have it built in already. No need to duplicate efforts or slow your system down like the offerings from the major security vendors, which results in a faster system) . <br /><br />response - recent tests from Carnegie Mellon U - http://www.ceas.cc/papers-2009/ceas2009-paper-32.pdf -the phishing protection in IE and Firefox isn't great.<br /><br /><br />IPS - no (again, this is not needed by a free AV app) <br />Reponse - IPS is critical at detecting attempts to exploit zero day vulnerabilities. Kaspersky, Symantec and others include this for just this reason. Even the best av scanners miss things - you need another layer of protection.<br /><br />detection of malicious scrips i nweb pages - no (This is the job of the web browser, not the AV. Freedom for the user to choose what they want to use) <br /><br />Response - Browsers don't do this. You can (and should) download the the "noscript" pluggin for firefox - but most people won't.<br /><br />Search markup - no (See previous comments) <br /><br />Response - No browsers do this - none. McAfee, AVG and Symantec all offer this feature - and it is great. You have a good chance of knowing which search results are actually infected before you click the link<br /><br />Firewall - no (Built into the OS and has been for years. No need to have TWO firewalls fighting each other) <br />Password protection - no (This is not the area of protection I want an AV product for. There are other apps for this.) <br />Vulnerability assessment - no (For general state of the system, yes. It's already there, but I suspect you're talking once again about web browser duties, not AV) <br /><br />No, I'm talking overall OS and application vulnerability assessment - the better security suites do this.<br /><br />Rescue disk - no (THANK GOODNESS! In order to have a rescue disk, you are locked into proprietary formats with huge overhead useage of system resources. I'm glad to NOT have to be locked into that solution. Need a backup? Make a backup of your files. Need an image copy? That's built into the OS itself. Why duplicate efforts?) <br /><br />Response - you misunderstand. The better security suites ship with a self booting rescue disk - a bootable CD with network drivers and a scanner - so if your PC is heavily infected you can boot to a clean, highly secured environment and remove the malware without the malware having a chance to load up and fight you. Again, a great feature if you computer is infected.<br /><br />Update frequency - once per day (This is adjustable by the end user. You can scan every minute if you want- that's up to you, the end user. Again, end user choice is good) <br /><br />Response - up to 20,000 new viruses are released every day (yes, that is an insane number, but true). You need sig file updates to detect the new malware more than once per day. MSE only does one update per day. Kaspersky does it something like 40 updates per day - and Symantec even more.<br /><br />Support - none (Heh, obviously you've never had to call Norton before and suffered through their 'support'. Norton's support is to tell you they are lmited only to installing or uninstalling their product.<br />Norton as free phone support - and built in remote control. I'd rather my mother call them then have her call me when she has a problem.<br /><br /> That's it. <br /><br /><br />What I want is a complete security solution - not a scaled down scanner that will give users a false sense of security.
Reply to this comment
by Eddie-c September 29, 2009 11:00 AM PDT
There's an *old* I.T. maxim ... never trust a v1.0 release. ;)
Reply to this comment
by Nortonpal September 29, 2009 11:16 AM PDT
I tested Microsoft SE some months. It perfectly works with Windows 7 (RC). Microsoft SE has no conflicts with NOD 32 4 Smart Security and Norton Internet Security 2010. It's really update frequency - 1 per day, but it is quite enough of it. I did many tests and Microsoft SE have shown magnificent results. <br /> NOD 32 4 Smart Security has found out only 80 percent of wreckers in comparison with Microsoft SE. NOD 32 tried to block some threats, but at persevering desire there is in a dangerous zone it passed a virus in system.Microsoft SE cleaned the computer and informed on the executed work. <br />I scanned RAR with 1737 viruses. Here result of scanning: Microsoft SE has found out 1732 viruses, NOD 32 4 SS - 1728 and Norton 2010 has found out 201 virus from 202 files!!!So Norton was mistaken even in quantity of files. Certainly Norton has fine design and every minute reminds of its work. Work Microsoft SE is imperceptible, it does not influence speed of the computer and does not bother with messages. It does not need to be adjusted. It is the fine program for any user.Firewall... it's possible to use Microsoft (it's in each computer), or to take advantage of another, now many free quite good programs. Password protection..... it's self-deception.Rescue disk - a children's toy, what for it is necessary???Microsoft SE has all necessary for qualitative protection of the computer. It does not create false illusions of unnecessary protection and does not stick out its merits.I think it the best system of protection. A new principle of work, absence of failures (therefore it does not require in support) - certainly it unpleasantly for Symantec etc. And other manufacturers should up something that could to compete with Microsoft SE.
Reply to this comment 1 person likes this comment
by Donniebrasco September 29, 2009 11:35 AM PDT
I think I'll continue to stick with Avast. It has yet to fail me. I could use a new go-to spyware program though. Ad-Aware seems to have come down with a case of bloat.
Reply to this comment
by SactoGuy018 September 29, 2009 11:48 AM PDT
This is why I am a paid user of Norton Internet Security. I'm using NIS 2010, which uses a lot less resources than in the past and has gotten excellent ratings for its scanning speed and much improved detection of malware.
by DaveOCP September 29, 2009 12:49 PM PDT
Avast is excellent. As for spyware, try Malware-bytes and Super Anti-spyware Free Edition. Ad-aware is a total joke at this point.
by Donniebrasco September 29, 2009 5:11 PM PDT
I had been a NIS user in the past, but as you mentioned, left it behind when it started to hog resources.
by TheDudeWithTude October 4, 2009 6:18 PM PDT
Four words: Spyware Doctor Starter Edition.
by Jack-Bxp September 29, 2009 11:53 AM PDT
"From the Home window, you can run a Quick Scan, Full Scan, or Custom Scan, and a link at the bottom of the pane lets you change the scheduled scan. The Custom Scan lets users select specific folders or drives to scan, but it doesn't allow for customizing the type of scan used. For example, you're not going to be able to choose to scan only for rootkits or heuristics, as you can with other security programs" - I wasn't sure if it would scan. At least it scans. I'm just off now to do some scanning.
Reply to this comment
by FASTER220 September 29, 2009 12:21 PM PDT
Tried to install this program ten time on my Win Vista Ultimate 64 bit and it keeps saying ( Can't complete the Microsoft Security Essentials Installation Wizard ) Error code:0x80070643
Reply to this comment
by maniopas September 29, 2009 12:59 PM PDT
To dlevinson15<br /><br />Well, propably you have a fine point in most things. However, we are talking for an AV software and not for a Firewall or Overall Security program.<br /><br />I do not pretend to be a fun of any MS security (I would trust none of my files to SE before thoroughly testing it myself). However, I feel you are being a bit too harsh with the product. The question for every program is:<br /><br />Does it do the work it is supposed to do?<br />If yes, then obviously it is a good one. So, if what said above is true and it has a high malicious software detection percentage, I feel that it should be proclaimed a successful product.<br /><br />On the whole, you could get other programs to do the work you mentioned (for example, Zone Alarm, Avast and Panda firewalls upport many of those things). And, concerning browser-related safety, you could use Chrome or the plug-in for firefox you mentioned or you could use another product again (such as Site Advisor for site markup).<br /><br />Anyway, as I said, we are not discussing SE as a Security Suit, but as an AV, which is what it is supposed to be. And if all above are true (to test it, I will need a full month) it is a good one too.<br /><br />Of course, installing other security programs as well may not be convenient (not much ram or processor power or any reason for this). In this case, I think turning your attention to other applications is the best thing to do.
Reply to this comment
by TheDudeWithTude October 4, 2009 6:20 PM PDT
Web Of Trust is much better than SiteAdvisor. Much more accurate ratings.
by clrgj2 September 29, 2009 1:00 PM PDT
how does it compare to AVG 8.5?
Reply to this comment
by maniopas September 29, 2009 1:31 PM PDT
"I scanned RAR with 1737 viruses. Here result of scanning: Microsoft SE has found out 1732 viruses, NOD 32 4 SS - 1728" - Nortonpal<br /><br />Well, thinking that AVG has lower detection statistics than NOD 32, propably SE is better at detection. But remember that it is an AV and not a Securty Suite.
by sting7k September 29, 2009 1:09 PM PDT
This is good because my Live OneCare subscription ends in a month. Now I can go back to free and not have it bog down my computer with needless hand holding through every process of using my computer. If you can't spot a fake website or email phishing for your information on your own you deserve it.
Reply to this comment
by DMBoricua September 29, 2009 2:26 PM PDT
Is this program good? Oh the hell with it I'm trying it out.
Reply to this comment
by wernerswx September 29, 2009 4:40 PM PDT
Free is good . This is a Must have .
Reply to this comment
by travelchick34 September 29, 2009 4:41 PM PDT
horrible!! Can't get it to load on my computer. I gave up after 5 times. I was advise that i have to get rid of advance care. A Big headache
Reply to this comment
by ThinkThenType September 29, 2009 5:09 PM PDT
Just to respond to your point dlevinson, there are two things you seem to be forgetting.<br /><br />1. Its not meant to be the full bells and whistles security app. Just a basic essentials package. Think of it like your basic family hatchback rather than your sports car. It does the job you need and nothing else. Those who want to go out and purchase a fully paid app will do so - for those who don't this is a sensible alternative.<br /><br />2. Microsoft get into enough anti-trust problems as it is. If they wanted to I am sure they could give us all a free package with all the things you mention. However then they would be direct competition to companies like Kaspersky and Norton. And given there size and potential user base that wouldn't make them very popular. If you could get all the things you want in a one-off easy install package from MS for free then who would buy any other product?<br /><br />Like I said for now this package does its job and does it well. Its also from a MS so an awful lot of people who don't have ANY virus protection may just go ahead and download it. And the less viruses in the wild the better for all of us.<br /><br />For the tech boys and the people who need a complete security app there are other options. Which is just how it should be. MS giving us a basic package but not infringing on other people's livelihood by giving us everything for nothing.<br /><br />Be fair - the boys at Redmond seem to have really woken up these last few years. First Windows 7 and now this. I've been a huge critic of them over the years so I think it's only right I give praise when its due.<br /><br />TTT
Reply to this comment 2 people like this comment
by gggg sssss September 29, 2009 6:27 PM PDT
infringing on the livelihood of Symantec staff would be a good thing. Over priced, ineffective, intrusive what did I leave out?
by maniopas September 30, 2009 7:44 AM PDT
I agree completely. I think Windows 7 is the best thing that happened to MS for over a decade. And after testing SE and finding it quite impressive, I think that the guys in MS are really into it now. (I dunno, should B.Gates be gone for this to happen? Did he stick with old techniques?)
by thanhtai2009 September 29, 2009 6:39 PM PDT
MSE update very slow, VIPRE very good<br />It slow-down my computer when Real-time protection activated!!!
Reply to this comment
by whiplash55 September 29, 2009 10:41 PM PDT
The beta worked great light weight which is fine since Vista and 7 have all the firewall and backup you need
Reply to this comment
by bhtani September 29, 2009 11:39 PM PDT
Well after all,we need good security.This thing lets user choose whatever We need, whatever We feel worth having &#38; whatever We feel good for protection...SO that isn't bad ..In't it??<br /><br />If we use other free antivirus products(Avast,avira,avg to name the top three) and maybe mr.dlevinson15 will say in response whatever he said &#38; they are true....<br /><br />But I would like to appreciate the freedom they offer...
Reply to this comment
Showing 1 of 3 pages (71 Comments)

Search Download Blog posts

About The Download Blog

Download.com editors cover the world of downloadable software and beyond.

Add this feed to your online news reader

The Download Blog topics

download
Site map
Help center
Our software policies
Newsletters
Submit software
Popular topics
Apple iPhone
Apple iPod
Cell phones
CES 2010
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
CNET Widgets
Customer Help Center
RSS
CNET API
About CNET