washingtonpost.com
Microsoft's new anti-virus program offers unassuming alternative

By Rob Pegoraro
Sunday, October 25, 2009

You can't always tell if a virus has taken over a Windows computer, but many anti-virus programs leave no doubt about their presence.

They'll embed toolbars in Web browsers and e-mail programs, then pop up notices after downloading the latest virus definitions. The ones that charge for those updates will nag you to renew; the ones that don't may prod you to upgrade to a paid version.

The new, free Microsoft Security Essentials (http://microsoft.com/securityessentials) doesn't follow that pattern. This download for Windows XP, Vista and 7 seems downright meek: You don't have to click past upsells for a premium edition when you install it, and your only hint of its existence afterward may be two icons at the corners of the desktop.

Microsoft Security Essentials can forgo competitors' obnoxious habits because of its corporate parent. Microsoft's day job isn't selling security software, it's selling Windows. (Security Essentials will load only if your computer passes an automated "validation" test to confirm that you have a paid-for copy of its operating system.) Microsoft even axed an earlier, non-free security program called OneCare before shipping this freebie at the end of September.

The combination of "free" and "non-annoying" may be enough to attract users weary of being hectored by their anti-virus software. The same goes for Security Essentials' relatively generous license, which -- unlike most free anti-virus utilities -- allows for use in home-based small businesses instead of requiring strictly noncommercial use.

You could also argue that it's simple justice for Microsoft to give away an anti-virus program after so many years of inattention to security issues.

But Microsoft Security Essentials ("MSE" for short) also compares well with competitors on functional grounds.

On all three supported versions of Windows, Security Essentials installed quickly and cleanly -- once other anti-virus tools had been dumped. It doesn't require users to remove those programs first, which in one case led its own setup to halt with a cryptic error message.

Once active, MSE doesn't require any special configuration, nor do you have to know the differences between viruses, spyware, Trojans or rootkits -- it aims to block "malware" in general. (If you already run Microsoft's older, spyware-specific Windows Defender, Security Essentials will deactivate it.)

It does not, however, monitor "tracking cookies," the inert text files saved on computers by Web sites and advertisers that may raise privacy concerns but do not pose a security threat.

In action, Security Essentials used little memory, had no discernible effect on Windows' start-up time and refrained from squabbling with such third-party Internet software as the Mozilla Firefox and Thunderbird Web and e-mail programs.

By default, MSE will scan the computer for trouble once a week. On an old Windows XP system, it whirred through its default "quick" scan in less than seven minutes, although a full scan required more than an hour.

MSE comes set to check for updates to its malware database every 24 hours, though you can click its "update" button more often if you prefer. Microsoft says the program will also automatically fetch the latest virus definitions available if it sees a new program act suspiciously. It doesn't always do the same if a user requests a scan of a file by right-clicking on it.

To test its defenses, I went looking for trouble and downloaded several Trojan-horse, virus and worm files from sites listed on a database of malware threats. Security Essentials blocked them all, often terminating the download before it could start. Third-party tests have shown similar results.

Unfortunately, Security Essentials let down its guard with a Trojan file attached to a junk e-mail and another one that was linked to in a second spam, declaring each one safe.

But the competition didn't do much better. Norton, McAfee, BitDefender, AVG and Avira each missed one of those two files, and some also missed a third download saved on a flash drive that Security Essentials caught. By the next day, Security Essentials' definitions properly identified the attached file; the other was no longer available, since the site hosting it had been taken offline.

Combined with Windows' built-in firewall and the automatic blocking of hostile Web sites provided by such modern browsers as Firefox and Microsoft's Internet Explorer 8, Security Essentials can do a lot to keep a PC safe -- and without the irritation factor of many competing programs.

But it can't do it all. The most effective security measure -- on Windows or in any other operating system -- remains a cautious, skeptical person between the chair and the keyboard.

Living with technology, or trying to? Read more at http://voices.washingtonpost.com/fasterforward.

© 2009 The Washington Post Company