Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Security Essentials Released; Rivals Mock It

Posted by kdawson on from the free-but-is-it-worth-it dept.

Bimal writes "After a short three-month beta program, Microsoft is officially releasing Microsoft Security Essentials, its free, real-time consumer anti-malware solution for fighting viruses, spyware, rootkits, and Trojans. MSE is available for Windows XP 32-bit, Windows Vista/7 32-bit, and Windows Vista/7 64-bit. 'Ars puts MSE through its paces and finds an unobtrusive app with a clean interface that protected us in the dark corners of the Internet.' The software received positive notes when in beta, including a nod from the independent testing group AV-Test." But reader CWmike notes that Symantec is trash-talking Microsoft's free offering. Jens Meggers, Symantec's vice president of engineering, dismissed MSE as a "poor product" that will "never be up to snuff." Meggers added, "Microsoft has a really bad track record in security." The GM of Trend Micro's consumer division sniffed, "It's better to use something than to use nothing, but you get what you pay for."

10 of 465 comments (clear)

  1. Re:Microsoft Security Essentials... by Tablizer · · Score: 4, Interesting

    A virtual virus can be as bad as a real virus. Deleted files and pirated bandwidth are the same either way.

    --
    Table-ized A.I.
  2. Get what you pay for? by Inverted+Intellect · · Score: 5, Interesting

    Last I checked some of the highest detection rate AV solutions also happen to be free.

    I use Avira AntiVir, which came in #2 in the last comparative study I read. It's gratis, with the sole "cost" of a popup-ad every 24h, disabled in the paid version (or for free, if you know how to set up a local security policy under windows and don't mind breaking the EULA).

  3. Re:It's working great for me by Anonymous Coward · · Score: 4, Interesting

    How about false positives? Antivirus software that checks nested encrypted archives often crashes, or marks as a false positive, files that contain a large amount of compressed data. For example:

    42.zip contains 4.5PB of data, compressed to 42kb. My university's mailserver marks it as a false positive.

    selfgz.gz is a gzip file that decompresses to itself. My university's mailserver tries to decompress it forever to scan all the nested files. It marks it as a false positive, since it was unscannable.

  4. Re:Symantec shouldn't talk by BikeHelmet · · Score: 4, Interesting

    You joke about it, but I say it with a straight face.

    I don't do a lot of virus removal - maybe one per week, just as a service for friends and friends of friends - but about 30% of those "virus" removals are actually tossing out Antivirus and Firewall products.

    Ethernet broken? Programs taking 4 minutes to start and 30 minutes to install? Horrible graphical lag, and start menu lockups? Can't shut down the computer or open IE?

    First thing I do is disable the AV already on the computer, to check if that's causing it. 30% isn't "usually", but it's high enough that I can't help but want to scream "WTF" at these AV vendors.

  5. Maybe not this one, but onecare is alright by wesslen · · Score: 3, Interesting

    I've been using Microsofts OneCare security suite for over a year now and I absolutely love it. It has been able to stop, detect and remove and lot of pieces of malware, spyware and trojans. I can see how Microsoft got a bad rap in the past, and I used to believe Microsoft software in the security field was unreliable but OneCare has changed my thinking. I think Symantec might be rushing to judgment a bit quickly but time will tell whether Microsofts new innovation is a worthwhile endeavor

  6. Yeah, like Symantec has room to talk. by Jane+Q.+Public · · Score: 3, Interesting

    "Norton" Utilities started to go downhill the moment it was acquired by Symantec, and after just two years I could no longer stand to use the product. Not only did the "utility" of the product steadily decrease, I found the virus / malware detection to continually be substandard compared to cheaper and even freeware products.

    I am aware that there are people who still swear by Symantec products, and I do not wish to argue with them. But I was with that family of products ever since Peter Norton put them together into a package, and is is simply not up to the standards that his personal software met... no matter how big their corporation is today.

    Boo, Symantec. I use Kaspersky and a few other tools now, and even though it takes several separate tools, I find the whole to be both superior in performance and also less intrusive into my system than Norton Utilities and other Symantec products.

  7. Re:Microsoft Security Essentials... by gmhowell · · Score: 3, Interesting

    Maybe he finally figured out that the part of the ladder theory he occupies means he will never get the nookie.

    --
    Jesus was all right but his disciples were thick and ordinary. -John Lennon
  8. Rootkit Detection by gordguide · · Score: 5, Interesting

    Microsoft purchased Komoku, a developer of RootKit Detection software with clients like the usual government and military suspects, banks, that kind of thing. Komoku's technology has been rolled into Microsoft Security Essentials.

    I would think that right there is a good reason to check it out, and possibly implement it in your XP/Win7 system, especially since MS probably had a chance to do some tweaking on the RootKit detection engine using their proprietary knowledge of some of the more obscure aspects of Windows file systems, the still unpublished NTFS specification, etc.

    Of course, if you have no RootKits installed, it might be more of a pain than necessary ... after all, every AV app you now have running says nolo problemo, si?

    Then again, how would you know?

    if you do have a RootKit lurking, I find it very difficult to believe that Norton or Symantec would tell you so ... the whole point of RootKits are to avoid detection, whether by conventional AV applications or otherwise, and to avoid removal by the usual removal tools available to AV product users.

    Some RootKits are even stealth-installed by law enforcement, and the "person of interest" isn't supposed to have Norton go all five-alarm on them, if you get my drift. Not that we can be sure this will either ... I'm just sayin' they are not trivial to detect, is all.

    It remains to be seen exactly what MicrosoftSecurityEssentials does turn up, but in at least one aspect, you are getting (for free) security software that cost thousands of dollars had you contracted with the original developer prior to Microsoft's acquisition (March 20 2008) and prior to MS's adding at least some of that same software to this new app.

    There will be plenty of people who will jump in right away and download MicrosoftSE. If you're one of them, fine; don't change for my sake.

    But, the best advice might be wait a week or so, as the prudent should, to see if major issues develop once widespread deployment exposes the suite to a wider set of configurations. If all is well, I say "run her". When MS offers you the equivalent of "free money" I say take it. I never see them refuse mine.

  9. Re:It's working great for me by Ronald+Dumsfeld · · Score: 4, Interesting

    They likely would have never understood why you need to pay a lot for top end protection, nor would they likely have payed for it.

    Hell, I never understood that either. Why should anyone who just forked out $xxx for a brand-new OS then be forced to pay yearly "protection money" as well? Sounds like a racket to me.

    I regularly end up helping people who've bought a new PC which comes infested with the Norton malware. If you don't rip it out before the free trial ends it is virtually impossible to get rid of it. And, of course, if you wait until the trial expires, you've probably caught some nasty - their package is, to put it bluntly, a bloated and useless piece of shit.

    It sounds like Microsoft's offering is considerably less obtrusive, and end users will not be hit with the problems I've seen with my preferred solution, Avira.

    I've used, and recommended Avira for years, it is completely free for non-commercial use and all you have to put up with is a once-a-day popup advert for their paid products. This is a good thing for non-technical users, it gives them a reminder that their anti-virus has just updated and is still working.

    What really, really pissed me off was Vista. XP's security control centre quite happily recognised Avira, but Vista "conveniently" failed to recognise it. This means that unless you're reasonably technically savvy you will get constant nagging that you have no antivirus product. I wonder if that had anything to do with their plans to release this new product.

    --
    Where's the Kaboom?
    There's supposed to be an Earth-shattering Kaboom.
  10. Re:It's working great for me by Bert64 · · Score: 3, Interesting

    AV only works because there are multiple options out there...
    If a single product becomes dominant, then the code required to defeat it simply becomes a standard component of any malware... It effectively just becomes an extension of the os which any malware needs to get round in order to function.
    Currently any malware that wants to do that, has to deal with multiple different av possibilities which is a lot more work for the malware authors.

    --
    http://spamdecoy.net - free throwaway anonymous email - avoid spam!