 

Microsoft Security Essentials Public Beta

 
 
Last year, Microsoft announced that it was halting development of its highly regarded Windows Live OneCare product (see my review of Windows Live OneCare 2.0) and would instead release a free anti-malware solution codenamed Morro by the end of 2009. Since then, things have been pretty quiet on the Morro front, and with the OneCare retirement date of June 30, 2009 fast approaching, I've gotten a lot of email from concerned users. What was going on with Morro?

Trouble is, I couldn't say much. I've actually been using pre-release Morro code for over a month, and a few weeks back, Microsoft briefed me about its plans and asked if I would keep it quiet until they were ready to go public. I would have been better off not agreeing, in this case: News of the Morro beta quickly leaked online and, in recent days, more and more details have emerged, while I had to remain silent. Finally, Microsoft relented, and agreed it was time to go public, about a week earlier than originally planned.

So here we are. Morro, of course, will be called Microsoft Security Essentials (MSE) when it ships later this year around the same time as the Windows 7 general availability (GA) milestone. It will be absolutely free and made available to all genuine Windows XP, Vista, and 7 users, and will come in both 32-bit and 64-bit variants (32-bit only on XP).

A lot of what you may have read about MSE online, however, is untrue. It is most definitely not a "cloud computing" AV solution, whatever the heck that was supposed to mean, though one aspect of MSE's internal updating mechanism offers nearly real time protection. Put simply, MSE is OneCare minus the stuff that's not related to fighting malware. It doesn't have a managed firewall, can't manage a "circle" of computers on a home network, doesn't help prevent applications from putting icons in the system tray at boot-up, and doesn't have any online photo backup capabilities. What it does have, however, is all good stuff: MSE is small, fast, light, and effective, and since it's built on the same award-winning underpinnings as Microsoft's other security products you know you can trust it.

Let's take a closer look and blow past the surface overviews you may have seen elsewhere. There's a lot going on here.

Why MSE?

Microsoft created MSE to address a very simple problem: Far too many PCs are unprotected with out-of-date anti-malware products. The company tells me there are a number of reasons for this. First, because many new PCs come with only time-limited security solutions, some users believe they're protected even though the initial subscription period may have ended. Some don't even activate the free, bundled solutions at all. Some--especially those in emerging markets--can't or won't pay for security suites, most of which need to be renewed every year.

Meanwhile, the security landscape is evolving. Security threats are increasing in impact and severity and are becoming more professional, with many malware outbreaks aimed specifically at financial fraud. Security software vendors are constantly adapting their products to meet these evolving needs, but these products are often complex and increasingly address a number of non-security tasks.

So MSE comes into this world and is designed to address the needs of users who are often not protected, for one reason or another. From a broad perspective, MSE works side-by-side with Microsoft's other security technologies, including those built into Windows and accessory products like the Malicious Software Removal Tool, while adding the crucial element of real time protection. It is based on the same trusted and well-regarded security engine that is used by Microsoft's Forefront line of products. It is incredibly easy to install and use. And, perhaps best of all, it is almost completely innocuous: Unlike the OneCare product it replaces, MSE is small and light and runs quietly in the background with nary a chatty pop-up to be found. Finally, Microsoft has gotten client security right.

Oh, and it's absolutely free. As long as you have an activated, known-good (i.e. "Genuine") copy of Windows XP, Vista, or 7, you're good to go. Microsoft Security Essentials is just part of the package, a perk for users of Microsoft's modern Windows versions. And unlike other free solutions, Microsoft won't use MSE as a vehicle for up-sell. It just does what it does, and it will never prompt you to purchase a Pro version or whatever. There's no registration, no information collection, no annual worry. You install it and forget it, and it keeps you safe.

How it works

As noted previously, Microsoft Security Essentials is built on the same award-winning anti-malware technology Microsoft uses in its other security products, including the Forefront family of solutions and Hotmail. And if you've got some idea that OneCare somehow performed poorly in industry tests, it's time for a refresher: That was years ago, and this technology has actually tested at or near the top of the heap ever since. This is proven anti-malware technology, and Microsoft has an incredibly deep set of live data to build off of.

Speaking of OneCare, let me get one thing out of the way right up front: MSE is comprised of the next generation protection technologies that were originally shipped with OneCare. It is, in effect, OneCare minus the management features and other non-anti-malware functionality that previously shipped in that suite. It has, however, been greatly streamlined and simplified, as we'll discuss in a moment.

Microsoft describes MSE as a "thin layer on a deep technology stack." It's comprised of a user mode service and a kernel mode driver, so it can handle malware no matter where it lives in the system. It's all backed up by a series of web services, including telemetry data through the SpyNet service, Microsoft Update, and a separate signature update service.

Thanks to the 450 million people who automatically download security updates every month from Microsoft Update, the software giant has a unique and gigantic feedback loop from which it can quickly identify new attacks and react aggressively. On the client itself, the MSE real time protection mechanism operates at the kernel level to examine the behavior of unknown binaries and then sandbox potential malware before it can do any harm. And thanks to a new Dynamic Signature Service, MSE can immediately query online to see if there is anything that matches what it's seeing on the PC. Because of its kernel mode hooks, MSE can also detect kernel mode rootkits and, in many cases, even clean them out after they've rooted their way into the system.

One of the big complaints about security suites (and to a lesser degree, OneCare) is performance. Real or imagined, many people perceive that security solutions slow down their PCs, so MSE has been architected to be as small and light as possible. Impact on the PC is generally imperceptible, and MSE will actively swap out memory it's not using to further reduce its use of system resources. Scans only occur when the PC is idle, of course, and because MSE throttles its CPU use to 50 percent utilization, the PC is usable even when MSE is active.

MSE supports several levels of updates. The product itself will be updated when needed, periodically, and once installed, these updates will be delivered through Microsoft Update (and thus to Windows through Windows Update). The core engine technology is updated monthly, also via Microsoft Update. Microsoft publishes new signature updates three times each day, but of course signatures can also be updated in real time when needed. The best part of all this is that none of it impacts the user at all. You just install it and forget it. MSE will take care of the rest.

Installing MSE

Microsoft Security Essentials couldn't be easier to install. You download the relatively tiny executable from the Microsoft Download Center--it's about 4-5 MB for the Vista version, for example--and run through a super-simple wizard-based installer. Basically, it makes sure your PC is genuine and then installs. That's it. On first install, the product will run a quick scan by default. This could take several minutes, but the majority of users can simply shut the application window and get on with life. If all goes well, you'll never see it again.

Using MSE

For those who are curious, there are a few things to look at in the MSE application interface. It, too, is incredibly simple. The application itself consists of a Windows Defender-like UI, with multiple tabs and big, obvious buttons. (MSE replaces Windows Defender, by the way, since it provides a superset of Defender's capabilities.) There's also a tray icon (hidden by default in Windows 7) and you can quickly scan any folder or file by right-clicking it in Explorer and choosing the new "Scan with Microsoft Security Essentials" option that appears in the pop-up menu.

But back to that application window. MSE follows the familiar protection metaphor that proved so popular with OneCare: When you're protected, you're green, and all is well. MSE is up to date and running properly in the background.

As with OneCare, there are two other possible colors that denote different levels of distress. You'll see a yellow warning when the computer is "potentially unprotected," such as when your malware signatures are out of date or you need to address a low or medium severity threat. If it's red, well, something went horribly wrong and you may actually have to deal with the MSE UI because there is a high or severe threat.

Jumping around the various tabs in the application UI, you'll see the following basic options.

Home. Here, you can trigger quick, full, and custom scans, and ensure that real-time protection is on and everything is up to date.

Update. This tab lets you manually trigger a signature update.

History. Here, you can view any items that have been detected and quarantined since you first installed MSE.

Settings. From this multifaceted UI, you can configure various MSE features, including whether to run a scheduled scan and, if so, when. There's a lot to potentially configure, but MSE pretty much ships in an ideally configured state and most people can safely ignore this.

And ... that's pretty much it.

I've been using Microsoft Security Essentials on virtually all of my Windows 7-based PCs since mid-May, and I've never had any issues. What I have noticed is that the product lives up to Microsoft's claims about being small and light--there's been no performance impact at all, including on a low-ball Celeron-based UMPC with just 1 GB of RAM--and being far less "chatty" than OneCare. I really liked Windows Live OneCare, but its constant need to alert me about things I really didn't need to know about was an irritation. Meanwhile, MSE has never popped up a single message in my real world use on several different machines. Yay!

Availability

The Microsoft Security Essentials public beta will be made available in the US, Israel, and Brazil on June 23, 2009. Why Israel and Brazil, you ask? (I did.) The MSE dev team is in Israel, and Brazil is one of the initial target markets for the product, so Microsoft wanted to get in some early testing. A version of the beta will ship to China in about 30 days as well, Microsoft tells me.

Looking ahead, Microsoft tells me it is on track to ship the final version of MSE by the end of 2009. I've heard that it will ship roughly around the same time as Windows 7, and that makes sense to me.

I did ask whether MSE would ever be made part of Windows. It will not. Instead MSE will be distributed solely via the Microsoft web site. Also, top-tier PC makers like HP and Dell will almost certainly not be bundling MSE with their computers. The reason is that these companies are paid by AV vendors to include trial or limited-time versions of their products and Microsoft will not be paying to promote a free product.

Final thoughts

There's been a lot of interest in Morro/Microsoft Security Essentials and I think even the beta version of this product will prove quite a hit with users. It's free, effective, lightweight, and quiet and is, in other words, exactly what I'm looking for in a security solution. And it comes with no strings at all. As long as you're running a genuine Windows version, you can install this product without worrying about up-sell advertisements, yearly renewals, or other silliness. And you can do so on as many Windows-based PCs as you own. I'd like to see it just included with Windows, but what the heck: Free and easy is the next best thing. Microsoft Security Essentials is highly recommended, even in the public beta.

--Paul Thurrott
May 15-June 18, 2009

 

