It’s amazing how the relative merits of any product can improve dramatically when it’s available for free. The surprise is even more pleasant when the product is both a functional and easy-to-use solution even though we didn’t have to pay a dime for it. Microsoft formally entered the arena of anti-malware product providers a little over a week ago with its Security Essentials software - a real-time protection package for PCs that claims to provide a comprehensive solution to malware infiltration and attacks. Though the beta version has been available for download for several months, Microsoft just gave the official release the green light last week, and it is presently available for multi-platform download at the Microsoft Security Essentials web site.
There was a time when we purchased an antivirus solution to keep our systems from being compromised. Now, the list of potential ills that we can experience has broadened the definition of such Internet nasties to the general term of “malware.” This term is short for “malicious software,” and refers to the variety of harmful, obnoxious, and intrusive digital maladies that can now infect our computers. Its scope includes viruses, spyware, worms, rootkits, and trojan horses among other bugs. Though each of these goes about its nefarious business a little differently, the end results usually fall into one or more of the following categories:
Sometimes users will further experience what I would refer to as “digital extortion.” This takes place when the entity or organization that caused the problem on our computer in the first place claims via annoying pop-ups to have “discovered” it, and then helpfully offers to make it go away for a modest fee, please have a credit card close at hand...
Though relatively few computer users will have these problems in such a measure as to require a full OS reload to remedy them, the wide variety of digitally communicable problems that are the burden of the Internet now almost require having a good, functional anti-malware solution installed on our computer. Long-time products such as Symantec’s Norton Antivirus or McAfee’s VirusScan have been around forever, and other options such as Sunbelt’s Vipre have become similarly compelling... However, all of these solutions are available only at retail price - and they then require us to fork out more dough each year to continue protection when our subscription to current virus updates runs out. Although we appreciate the hard work that these folks are doing, when a compelling free option is available, it is worthy of investigation and consideration.
The installation files are available from the Microsoft Security Essentials home page, and download sizes will vary from around 4 MB to 9 MB depending on whether you’re running Vista or XP. Installation is simple and straightforward, and most users will be up and running in less than a minute. Installation requires that we go through the typical Microsoft software validation process, which should present a problem only to those running a pirated Microsoft OS. Damn if there isn’t always a trade-off... Immediately upon completion of the installation, MSE will attempt to download the latest virus definition updates and run a quick scan on the system. As we might expect, the integration of the software into a Windows OS is particularly smooth and meshes nicely with existing features, which is unfortunately not always the case with competitive solutions.
As with any viable anti-malware solution, MSE provides protection via real-time pattern-detection features and by regular system scans. Real-time protection means that the system is always monitoring for potential security threats, and is vigilant to “virus-like” behaviors. System scans sort through a selection of vulnerable files and locations on the computer, seeking evidence of files that can compromise system security. These scans can be initiated manually or set to run at a scheduled time, and usually we are able to allow them to run on the default schedule and forget about them.
One of the most appealing features of MSE is immediately apparent after bringing up the user interface for the first time - namely its simplicity of configuration and operation. This is a welcome change from the recent evolution of many anti-malware solutions into total-package software suites that take control of multiple system processes from default security measures to system performance tools. While admirable in their scope, these have the tendency to make things noticeably sluggish in their holistic approach to protection and maintenance, and can be alarming to the uneducated user in their rigorous “red box” alerts to something as simple as a tracking cookie from Cabela’s. By contrast, MSE has a simple interface with four selectable tabs: Home, Update, History, and Settings. On the Home tab, we can initiate a scan and change the automatic scan schedule. Update gives us the date of the current virus definitions file and lets us manually check for a newer version with the click of a button. History gives a list of potentially harmful files and processes as well as information regarding their current status. Settings allows us to tweak and modify some of the default operations of the program. Each tab is simple and straightforward in its purpose, and the greenest of users should find it to be completely manageable and undaunting.
The system resource load required by MSE is relatively light. Although some users have reported very sluggish computer response while a scan is running, most are able to perform business as usual without any noticeable slowdown. In my experience, on a laptop running an Intel Core2Duo processor with 4GB of memory, I was able to simultaneously surf, listen, compose, and configure during a full system scan with absolutely no slowdown or sluggishness at all. I reasonably suspect that of all viable anti-malware solutions available, MSE will be close to the top in presenting the lightest burden on one’s system.
In testing the actual MSE response to a potential threat, I experienced instances of both admiration and befuddlement. I first made the attempt to download some of the usual virus test files, which mimic actual viruses and should cause a reputable antivirus solution to react as if an actual threat was discovered. The file that I attempted to download was “double-packed” in a ZIP archive - supposedly making it harder to find and likely to be discovered by only the most rigorous antivirus solutions. In less than a second from the attempt to download the file, MSE sprang into action and stopped the process. I was presented with a simple option to “clean the computer,” and was given the happy green box of confirmed success a moment later. This first accomplishment was somewhat downplayed, however, when I emailed the same virus test file to myself as an attachment and then downloaded it onto my desktop. This process went undetected by MSE, and the test file sat unmolested on my desktop for several hours. Even after running a full system scan the file remained undetected. Such a phenomenon remains inexplicable, and suggests that some caution should still be exercised for the present when dealing with email attachments.
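Why a “double-packed” file is a harder test, shown as an added example that is not part of the original review and does not represent how MSE works internally: a scanner that only searches raw bytes misses content compressed inside a ZIP within a ZIP, while one that unpacks recursively (with a depth limit) finds it. The marker string, file names, and function names are constructed for illustration.

```python
import io
import zipfile

# Constructed marker standing in for a test-file signature (not a real AV signature).
MARKER = b"CONSTRUCTED-AV-TEST-MARKER"
MAX_DEPTH = 5  # bound recursion so a deeply nested archive cannot exhaust the scanner


def build_double_packed() -> bytes:
    """Build a constructed sample: marker file inside a ZIP inside a ZIP."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("testfile.com", MARKER)
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("inner.zip", inner.getvalue())
    return outer.getvalue()


def flat_scan(data: bytes) -> bool:
    """Naive scan: look for the marker in the raw bytes only."""
    return MARKER in data


def recursive_scan(data: bytes, name: str = "<root>", depth: int = 0) -> list[str]:
    """Return the paths of all members containing the marker, unpacking nested ZIPs."""
    hits = []
    if MARKER in data:
        hits.append(name)
    # Only descend while under the depth limit and the bytes parse as a ZIP archive.
    if depth < MAX_DEPTH and zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            for info in z.infolist():
                if info.is_dir():
                    continue
                member = z.read(info)
                hits += recursive_scan(member, f"{name}/{info.filename}", depth + 1)
    return hits


if __name__ == "__main__":
    sample = build_double_packed()
    print("flat scan hit:", flat_scan(sample))
    print("recursive scan hits:", recursive_scan(sample))
```
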
For some unknown reason, the default settings of MSE do not scan for malicious software on removable drives. This seems very counterintuitive, inasmuch as our machines probably run a greater risk of obtaining malicious software through these means than they do by our surfing habits. Fortunately, this oversight is easily corrected by going to the Settings tab in the user interface, selecting Advanced in the list of options below, and checking the box to the side of Scan Removable Drives. Many have claimed that there is no real-time protection for removable drives even with this option selected, and that removable drives are only benefitted and protected when they are part of a user-initiated full system scan. However, when I loaded the same virus test file onto a USB drive and attempted to view the drive contents in Windows Explorer, MSE immediately detected and remedied the problem. It is interesting to note that the same virus test file was not flagged on another computer by the "leading" antivirus software for which I paid $50 a year or two ago. Although MSE flagged the virus test file on the USB drive and prevented it from being copied to the computer, it did not remove or quarantine the file on the USB drive itself. We might assume that a full system scan of the USB drive would rectify that failure.
There are a few configuration options worthy of note in the Settings tab. In particular, the speed of system scans can be increased by excluding specific file types... Some users have complained about the time required to perform a full system scan, and though Microsoft claims that this should take about an hour, reports of much longer time periods exist. Though most users won’t go to the effort of doing this, by excluding certain file types, we can potentially remove thousands of low-risk files from the scanner’s radar, thus cutting down the time necessary to get the job done. For example, if one had 10,000 MP3 files that he or she wanted to exclude from future scans, such could be done by going to the settings page and selecting Excluded File Types and entering “*.mp3” into the dialogue box. This would exclude all files with the extension “mp3” from the scan, and subsequently make for a shorter full-system scan duration.
Perhaps those features of MSE that we are most eager to see proven are those that are best tested by time and usage. Most of us have come to fear the occasional virus far less than the annoying and obtrusive “hostile takeover” and multiple pop-ups that we experience from browser hijacking and similar forms of malware. In attempting to perform a number of popular anti-spyware tests, MSE prevented me from downloading any of the files that would simulate a typical spyware modification to system settings, such as changing the Internet Explorer default home page, or installing and executing a registry key. When I manually allowed the download in MSE, however, the files were able to be executed from the desktop and promptly simulated the undesirable actions without further complaint by MSE. This represents a half-win at best, and hopefully actual threats are dealt with more effectively.
Time will certainly reveal more about the genuine functionality and merits of Microsoft’s Security Essentials. We might likewise reasonably assume that various updates and tweaks that improve upon it will be frequently available through Microsoft Update. Whether it has the capacity to compete with the “big boys” in holistic approach to PC security is not so much the question as whether or not we can get something that does the job for free. Though different levels of users will have different answers to this question, most users will find this to be an acceptable and welcome option that saves them a few bucks and - with reasonable caution - provides an acceptable level of protection.