Microsoft Security Essentials Released; Rivals Mock It

Bimal writes "After a short three-month beta program, Microsoft is officially releasing Microsoft Security Essentials, its free, real-time consumer anti-malware solution for fighting viruses, spyware, rootkits, and Trojans. MSE is available for Windows XP 32-bit, Windows Vista/7 32-bit, and Windows Vista/7 64-bit. 'Ars puts MSE through its paces and finds an unobtrusive app with a clean interface that protected us in the dark corners of the Internet.' The software received positive notes when in beta, including a nod from the independent testing group AV-Test." But reader CWmike notes that Symantec is trash-talking Microsoft's free offering. Jens Meggers, Symantec's vice president of engineering, dismissed MSE as a "poor product" that will "never be up to snuff." Meggers added, "Microsoft has a really bad track record in security." The GM of Trend Micro's consumer division sniffed, "It's better to use something than to use nothing, but you get what you pay for."

It's working great for me

[mantis2009]

Doesn't bug, silent updates, fast scans, no noticeable performance hit. I can finally get my parents off of their annoying Norton or whatever they paid $50 to use for 12 months.

Symantec is a bunch of crap

[tjstork]

Sorry to throw Symantec under the bus, but the AV program and AV mentality that they have created amounts to a CPU tax. We don't have 4 core machines, we have 3 cores plus for one for Symantec, which manages to have the deadlock everything while it scans a single file.

Re:It's working great for me

[Fluffeh]

It might not be perfect protection, but if it's going to be used by all the mum and dad users with zero tech skills, then it's a good thing.

They likely would have never understood why you need to pay a lot for top end protection, nor would they likely have payed for it. This is a nice step between.

Re:Microsoft Security Essentials...

[Brian Gordon]

And what, use a fresh drive image every time you boot up the virtual machine?

It's still the same problem except it's possible to detect virtual rootkits from the host OS.

Re:It's working great for me

[DJRumpy]

I have to agree. If the independent review is truly independent, I would have to question Symantec's comments. I have to wonder if they are stating such from a professional opinion, or simply in fear for their bottom line. I would take an independents opinion long before I considered a direct competitors negative comments as trustworthy.

Re:Pot/Kettle

[fuzzyfuzzyfungus]

Please, please. Symantec offers an "expensive product" that has managed to sink further away from the figurative snuff as time goes on...

Since I don't need a graph or pop-ups

[earnest murderer]

To tell me it's working, it sounds like pretty much the best thing out there.

When the CEO of your competition derides your product publicly, you know it's got to be good shit.

"You get what you pay for"?

[hyades1]

I've used Avast Antivirus (free), Malwarebytes Anti-Malware (free) and Comodo Firewall (free) for a couple of years now. I've never had a virus and various other types of malware are promptly and efficiently dealt with.

Trust the inventors of Windows Genuine Advantage with my security? Or freakin' Symantec? I won't bore you with the horrible, hellish experience of getting Norton Antivirus off my machine. It was harder to get rid of than the virus it failed to catch.

Fat chance. I'll stay with something that works, thank you very much.

Re:Snapshots

[Anpheus]

I see. So you want to explain to my parents why their data went away and, no, I can't get it back without spending a few hours implementing a rigorous and thorough virtual infrastructure on their home computer?

Re:It's working great for me

[Jeremi]

They likely would have never understood why you need to pay a lot for top end protection, nor would they likely have payed for it.

Hell, I never understood that either. Why should anyone who just forked out $xxx for a brand-new OS then be forced to pay yearly "protection money" as well? Sounds like a racket to me.

Re:Bad reviews by...

[uncoveror]

Symantec? Ha! I would rather have nothing at all than Norton products. They are bloated resource hogs, and any script kiddie's concoction can disable them. People who know nothing about computers, but still own one for their work or their kids' school buy Norton crap purely on name recognition. All they are buying is a false sense of security.

Re:Microsoft Security Essentials...

[pwilli]

Using Windows inside a VM makes removing dangerous stuff like rootkits easy (e.g. by simply falling back to a snapshot).

But if someone catches a trojan and then directly heads for his bank website to do some transfers, the VM doesn't do shit to protect him. Same goes for worms, spambots and all the other crazy stuff. As long as the VM is running, they are as dangerous as ever. Telling people by running stuff in VMs makes them immune to threats just gives a false sense of security.

Re:When pressed...

[Tumbleweed]

You know a product is good if competitors start shaking in their boots running to government agencies for protections!

If that were the case, IE would be the best browser ever made. :)

You DO know that they're scared, though, if they have to trash it like this. You _should_ be scared if Microsoft enters your segment with a free product. It may not be the best, but that's never stopped Microsoft from crushing competitors in the past.

Re:Symantec aside...

[Totenglocke]

Execuse me if I'm missing something here but shouldn't they fix the security holes to prevent the problem in the first place?

You want MS to block everyone's access to shady porn sites?

Re:It's working great for me

[jim_v2000]

How many people who will be running this AV have files like that just sitting around on their hds?

Probably none.

Besides, technically those aren't "false positives", as in the AV isn't matching a signature...the files are unscannable, so the AV plays it safe.

Re:Ah...my favorite conspiracy theory.

[shird]

You are implying that these viruses/spyware aren't being installed by people clicking 'Yes' to "Do you want to run setup.exe from codecs.xxx_teens.com" prompts.

This 'hole' will never be closed. The only option is to develop software which scans for and intercepts these installs for people that can't make an informed judgement for themselves. (i.e 90% of computer users).

Re:It's working great for me

[MrKaos]

Sounds like a racket to me.

Never attribute to malice what you can attribute to shoddy engineering.

Re:It's working great for me

[jdhutchins]

Most of these files were developed to break mail scanners, so it's logical that they get marked as malware. E-mail may not be the best way to move files that are designed to be harmful to mail servers.

Re:It's working great for me

[westlake]

Why should anyone who just forked out $xxx for a brand-new OS then be forced to pay yearly "protection money" as well? Sounds like a racket to me.

The "service and support" model in FOSS can sound like a racket as well.

The poster here might also usefully remember that the ordinary user doesn't blame Microsoft for malware - he blames the guy who wrote the program - launched the attack - and the culture which produced him.

He doesn't fine distinctions between hackers, crackers and geeks.

Man..

[JonJ]

Lots of humourless Microsoft shills here today. The "Uninstall Windows"-posts aren't trolls, there attempts at being funny. Lighten up for once. To be slightly on topic: I'd trust neither Norton nor Microsoft with the security on my systems, but if it actually does protect people and doesn't get in the way for the users, it's all the better.

Re:It's working great for me

[not flu]

Files don't have human rights.

Re:Very slow on single core CPU

[GF678]

I'm guessing Microsoft Security Essentials is a close cousin to Windows Defender code which would explain a lot.

According to the Ars Technica link in the summary, MSE is a superset of Windows Defender, to the point where the MSE installer will disable Windows Defender completely if detected.

As for the single core issue, quite possible. I noticed for example that Vista's Windows automatic update detection check utilized 100% CPU of my (then) single-core machine for several seconds, affecting performance considerably. But when I moved to a dual-core, the effect was completely unnoticeable. Seems as if single-core is no longer considered when testing software performance and impact on the rest of the system.

Re:It's working great for me

[shentino]

It is a racket. There have been cases of security companies having collusive relations with malware authors.

Re:Microsoft about to kill another industry?

[Anonymous Coward]

Quaterdeck had a business model based on selling software to fill a temporary gap in technology from a vendor. MS didn't have anything to do with killing them, there own lack of foresight is what did them in. both memmaker and Qemm died because they were no longer required.

Re:Microsoft about to kill another industry?

[AmberBlackCat]

Long ago, we had Norton Antivirus for Windows 95. I guess this was when online updates were a new thing. The box said something like "never buy antivirus software again!" and boasted about how it would always be updated and current. Then one day it stopped updating. Our reply from the customer support people was "this product is no longer supported". They told us we had to buy the new version. Let them die.

Re:It's working great for me

[rtfa-troll]

Never attribute to malice what you can attribute to shoddy engineering.

The thing about MS is that we know that they buy up the best talent in the business and still deliver garbage. MS Research exists almost entirely to stop other companies getting their hands on good CS people. I think you can attribute MS's "shoddy engineering" to malice.

And this leads to another thought; short term MS Security offerings are probably going to have problems, but long term, those problems that matter to their customers will probably be eliminated. Their products always start bad and end up mediocre. However, there's one thing they will never achieve. Neutrality from MS. Since MS is one of the biggest sources of malware/not-quite-what-we-wanted-ware (live update; .NET modules for firefox; copy protection etc.) perhaps the other anti-virus companies should be marketing their neutrality from MS at least as strongly as their supposed quality? Of course they would have to guarantee to start warning about MS software in order to do this..

Re:Man..

[AmberBlackCat]

I think if this [slashdot.org] is a troll then "Uninstall Windows to fix your virus problem" is certainly a troll. And my comment was a sincere, wholehearted comment. Unless he's presenting Windows to a bunch of people only interested in programming or networking, that's the likely outcome. And for what it's worth, it's very possible to run Windows without getting a virus and anybody who is likely to get a virus by running Windows will probably get a virus the same way by running any other OS, unless they just can't figure out how to run anything.

[citation needed?] Re:It's working great for me

[rtfa-troll]

Could you provide a link for this which involves a "serious" anti-virus company (Norton/McAfee/Kaspersky/BitDefender etc.) and an actual released to the field piece of malware. "There are cases" could include the "anti-virus" packages advertised via online ads which actually are malware.

Re:Snapshots

[rtfa-troll]

Never let anyone over the age of 40 use Windows. They don't need the latest games so there is no reason to do so and the ease of management you'll get by putting them on Ubuntu will be massive.

Re:Symantec aside...

[RightSaidFred99]

What security hole? There is no security hole involved when someone downloads a file and executes it. You're confused or disingenuous.

Re:Wow....

[RightSaidFred99]

You're a retard. You haven't used the product but you _know_ it sucks. Right.

Opinion: Dismissed.

Re:It's working great for me

[foobsr]

other anti-virus companies should be marketing their neutrality from MS

Difficult to be balanced if the only leg you can rely on is branded MS.

CC.

Re:This is the future

[dingen]

It's the past as well. As you might recall, MS-DOS 6 included a virus scanner.

Symantec trash talking

[amn108]

Actually they are just trash talking MS in the true spirit of corporate competition. It is like brushing teeth in the morning for them. You are not taken seriously as a competitor if you don't issue some form of short press conference where you can say how bad everything but your own products is.

The truth is, through my "fixing" of countless laptops ridden with Symantec products, I can honestly say, disregarding their security track record, I despise and resent their products as much as I ever could. Large, monolithic but with 10 services to get rid of, poorly uninstalling or not uninstalling at all, horrible user interfaces - at least Microsoft products are benign compared to Symantec, use FAR FEWER resources to the point where you don't notice them (but they still do the job), have usually quite well designed GUIs and remove themselves without question. Thing is, Microsoft has different divisions, and clearly divisions that work on Windows Defender, Windows OneCare Live, and now Windows Security Essentials are, by evidence, not the same division that work on builtin Windows security, although situation seems to be improving on the latter.

Symantec and those corporate benemoths have been preying on customer fear for malware, and feeding us crap for more than ten years now. There was once Peter Norton and his Norton Commander, ever since that it went downhill with all things related to him and his company. Symantec has a lot of fat around the waist now. And they are afraid Microsoft is onto them.

Dysfunctional Family Circus

[argent]

The whole anti-virus industry is kind of like a dysfunctional family sitcom, with Microsoft as the wacky uncle whose crazy antics ironically bring in new customers for the family business by the end of every episode. Every other season the crazy uncle threatens to leave and the kids go nuts trying to convince him he can't make it without them, but everyone knows he's going to be back by next season's premiere. This story arc is no different.

The funniest episodes are when the kids go out and try and pitch woo. They seem to think that everyone else is crazy as "Uncle Mike" and leave a trail of property damage all over town as they fail to convince Apple and Palm and everyone else that their nutty schemes are JUST what they need for success.

Re:[citation needed?] Re:It's working great for me

[L4t3r4lu5]

The XCP copy protection system is not malware, it was poorly designed and implemented and allowed malware to hide using the same techniques used to hide the XCP system. In itself, it was not a program designed to adversely affect the operation of the computer; It was a by-product of poor implementation.

I'm fairly sure Sony would love to hear from you if you want to outright accuse them of spreading malware.

By the way, this did not answer the question asked, which was to provide a link to any credible source of information regarding a mainstream antivirus maker colluding with malware distributors, in order to further their own profits by selling more of their products.

Re:It's working great for me

[KillerBob]

Yes, any anti-virus is better than no anti-virus, but it won't take long before malware authors discover how to circumvent the Microsoft tool.

Microsoft bought out an antivirus company a couple of years ago. This is simply the rebranding and current version of that company's software.

And you know that virus-writers have figured out how to circumvent more expensive antivirus programs like McAfee, Norton, and PC-Cillin, right? This is why you update the virus database... so that it detects viruses that can disable your antivirus before they get that chance.

Give MS a chance. They could actually have stumbled onto a good product, and it could be something that actually helps the world at large.

I won't be installing it myself, but that's because I'm quite happy with the Avast that I have running. I'll wait for the next report over at av-comparatives [av-comparatives.org] before I pass judgement on it. Interesting to note that for the last several reports, several free options have been in the top 5 and occupied the top spot over all. In the latest report (August 2009), AntiVir had a 99.4% trap rate, Avast has a 98.0% trap rate. (Norton and McAfee had 98.7% and 98.4% trap rates, by comparison) But here's the rub... Avast had the lowest false positive rate of any of the top 5 antivirus programs. Norton had almost 3x as many false positives as Avast. AntiVir had more than 4x as many. And McAfee had more than 8x as many false positives. Out of the top 4 antivirus solutions, I'll stick with Avast.

But they do those tests on a regular basis, and you have no idea how well Microsoft's offering will fare in the next one. It could actually do very well. I wouldn't hold my breath, though... on the most recent testing, while MS's pay-for service tied Avast in false positives, it had a pretty lousy 90% trap rate... Still, that's nowhere near the worst offering out there.

Anyway... do your research before you decide that something is automatically bad just because it comes from Microsoft. Even if it just ties the other software, a 90% trap rate on viruses is better than a 0% from not having antivirus at all. And suggesting that it won't be long before virus writers figure out how to circumvent the software is completely ignoring the fact that virus writers figured out, a long time ago, how to circumvent commercial offerings like Norton and McAfee, and that hasn't actually hurt their trap rates at all.

Re:It's working great for me

[Anonymous Coward]

Symantec, McAfee, et al, were so woefully late to the malware party - for a long time, if it wasn't a "virus", they didn't bother with it - that I find it quite rich that they would be critical. Malwarebytes still finds, and fixes, things that the big boys of A/V don't have a clue about.

Re:[citation needed?] Re:It's working great for me

[mad_minstrel]

Intentions are irrelevant. It's what the software does that matters. And what it does is compromise your computer's security and disable functionality. Malware if I ever saw any.

Re:[citation needed?] Re:It's working great for me

[geminidomino]

The XCP copy protection system is not malware,...

Installed without approval or authorization.
Not removable by normal, non-invasive means.
Reduces performance and functionality of the infected PC.

Sounds like Malware to me.

i was poorly designed and implemented and allowed malware to hide using the same techniques used to hide the XCP system.

So it was poorly designed malware. Noted.

In itself, it was not a program designed to adversely affect the operation of the computer

What are you, an idiot? Widespread crashes aren't adversely affecting the operation of the infected machines? Not to mention that, BY DESIGN, it adversely affects the operation of the CD drive.

Re:It's working great for me

[infalliable]

you'll never see a competing company come out and say "wow, their free product is so good you should use it rather than ours." Their response is not surprising at all

Re:It's working great for me

[Anonymous Coward]

You install Windows, you get it right off the bat. As long as they make it easy to uninstall, then they'd get around anti-competitive behaviour rules.

You clearly don't understand competition law. They'd still be using their OS monopoly** to gain an unfair advantage in another field where there is currently a competitive market. Due to sheer inertia they would probably put several of the other AV companies out of business. The European Comission would be on this straight away (backed by complaints from Symantec, Norton etc.). Even the US competition authrities might jump on this.

This is precisely why MS has made it a seperate download.

** As usual, it's necessary to preempt the post saying 'but they havn't got an OS monopoly, it's only 90%' by pointing out that I am talking about the legal definition of monopoly, which does not require a specific market share.