by Seth Rosenblatt / December 22, 2010
The bottom line: Microsoft Security Essentials, an antivirus program created by Microsoft, will protect you, and it will generally do it well. However, its impact on system performance could be improved, and it's still a bit light in the tool belt.
Now in its second iteration, Microsoft Security Essentials (MSE) debuted as the lightweight, cloud-based successor to the paid security suite Live OneCare in 2009. Version 2 introduces deeper hooks into Internet Explorer and the default firewall in Vista and Windows 7. Security Essentials has begun to mature, although it's still rough at the edges.
It takes very little effort to get going with MSE. Microsoft politely does not opt you in to the program's customer experience improvement program; you must choose to opt in or stay out of it before you can finish the installation. It also lets you choose whether to run the Windows Defender firewall, and whether to run a scan once installation is complete, although both of those are opt-out.
Overall, the installation time ran around 4 minutes on our test computer. That's not as blazing fast as some of the paid suites, which can complete installation in less than 60 seconds, but it is respectable for a free program.
MSE's interface adopts a different color scheme than the previous version, going for various shades of gray to replace the vibrant blue and white look. It doesn't pop as much, but it also looks far less like a Windows XP relic.
For those unfamiliar with the design, MSE has four tabs across the top. The Home tab contains your security status and scan options, and you can run a Quick Scan, Full Scan, or Custom Scan. A link at the bottom of the pane lets you change the scheduled scan.
Update is where you manually get new virus definition files and program upgrades, History logs only detected threats, and Settings is where you go for advanced tweaking. The program looks simple, but don't be deceived: there are quite a few advanced options in Settings--just not as many as many competitors offer. Security Essentials uses labels imported from OneCare: green for all good, yellow for warning, and red for an at-risk situation.
Features and support
Under the clean and uncluttered interface, Security Essentials wraps up antivirus and antispyware engines, rootkit protection, and real-time detection courtesy of Microsoft SpyNet, the unfortunately named cloud-based service that anonymously compares file behavior across computers running various Microsoft operating systems.
SpyNet was introduced in Windows Vista and extended to Windows 7, but Microsoft Security Essentials is the only way to access the network in Windows XP. Unlike other security vendors that allow customers to take advantage of the benefits of their behavioral detection engines while opting out of submitting information, there's no way to do that with SpyNet.
Well, it's mostly anonymous. You can choose between two SpyNet memberships. The basic membership submits to Microsoft the detected software's origins, your response to it, and whether that action was successful, and the advanced membership submits all that plus the location on your hard drive of the software in question, how it operates, and how it has affected your computer. Both basic and advanced versions warn users that personal data might be "accidentally" sent to Microsoft, although they promise to neither identify nor contact you. New in version 2 is the option to opt out of contributing to SpyNet while still receiving the benefits of crowd-sourced security.
Microsoft Security Essentials uses both definition-file and real-time defenses against viruses and spyware, and also offers rootkit protection. Along with the quick scan and the full scan, there's a Custom scan option that lets users select specific folders or drives to scan. It doesn't allow for customizing the type of scan used. For example, you're not going to be able to choose to scan only for rootkits or heuristics, as you can with other security programs. However, you can set USB keys and other external devices to automatically get scanned. The program installs a context-menu option for on-the-fly scanning in Windows Explorer, too.
The Update pane manages the definition file updates, with a large action button, and History provides access to a spreadsheet-style list of All detection items, your Quarantine, and items you've Allowed to run. Although it's a basic layout, this no-frills approach to security has proven appealing to people who are overwhelmed by more detailed security choices.
New in version 2 is integration with Internet Explorer so that downloads get scanned, and Windows firewall hooks so that your personal security net is tighter. For Windows 7 and Vista users, the Windows Filtering Platform that those two operating systems come with gets a boost from a new network inspection feature.
The Settings window allows you to further customize the program by scheduling scans, toggling default actions to take against threats, adjusting real-time protection settings, creating whitelists of excluded files, file types, and processes, and choosing from the aforementioned SpyNet options. There's also an Advanced option that is still fairly basic: here you can set Security Essentials to scan archives and removable drives, create a system restore point, and expand user rights to allow all users to view the History tab.
Security Essentials comes preconfigured to run a scan weekly at 2 a.m., when Microsoft thinks your system is likely to be idle. New malware signatures are downloaded once per day by default, although you can manually instigate a definition file update through the update tab. Attachments and downloaded files will be automatically scanned by Security Essentials.
Help is only available in the form of the standard offline Help manual that comes with all Microsoft programs. There's nothing fancy here.
MSE abandons the additional heft of a firewall, performance tuning, and backup and restore options to focus on core security. However, the new version does include a system restore option, to back up your computer before you remove any detected malware. Most of the changes in MSE are under the hood, but it's still a worthwhile program in terms of features, especially on lower-powered Netbooks.
Microsoft Security Essentials occupies a slightly different space than the rest of the security programs because it's the only one published by Microsoft, and, remarkably to some, it doesn't suck. Benchmarks by independent third-party efficacy testers and CNET Labs discovered that the program has uneven performance. (Read more on how CNET Labs benchmarks security software.)
|Security program||Boot time||Shutdown time||Scan time||MS Office performance||iTunes decoding||Media multitasking||Cinebench|
|Microsoft Security Essentials 2||54||18||1,560||1,038||201||800||4,790|
*All tests measured in seconds, except for Cinebench. On the Cinebench test, the higher number is better.
AV-Test.org certified the oriiginal MSE during one test this year, and then refused to certify it during a test several months later. When tested on Windows 7 in the second quarter of 2010, MSE 1 earned certification with a 15 out of 18 score. It achieved 4 out of 6 in the Protection category, 4.5 out of 6 in Repair, and 5.5 out of 6 in Usability, where the minimum required for certification was 12. However, when tested on Windows XP in the third quarter of 2010, AV-Test.org did not pass MSE 1. The program earned 3 out of 6 in both Protection and Repair, and 5.5 out of 6 in Usability. Given the more advanced native security in Windows Vista and Windows 7, this could indicate that Microsoft's own security program is unsuitable for its older operating systems.
On the other hand, AV-Comparatives.org awarded MSE 1 an Advanced+ certification in November 2010 for its retrospective/proactive test, finding the program to have very few false positives.
Those results don't come cheaply, as far as system performance is concerned. CNET Labs' benchmarks put the new MSE at the far slower end of the scale, with a bigger impact on system performance in general than most other security options. System start-up was 11.5 seconds slower than on an unprotected PC, and system shutdown was more than 6 seconds slower whereas most suites affected the system by 2 to 4 seconds.
MSE 2's impact on the MS Office, iTunes decoding, media multitasking, and Cinebench tests was generally unimpressive. The program did very well in the Cinebench test, but in others its results were more middle-of-the-road.
Virus scan times were also slow compared with the competition. MSE 2 took 26 minutes to finish a full scan, and nearly 2 hours on a real-world computer. The 2-hour time is slow, although not the slowest out there. The first quick scan performed at installation took 4 minutes, which is a competitive time for that type of scan.
Security Essentials is basically a good set-it-and-forget-it security program, but if you want more options and better results from a lightweight security option, Panda Cloud Antivirus Free Edition 1.3 is the safer bet.