The free Microsoft Security Essentials anti-virus solution, formerly known as Morro, works but won't blow your mind. With it, Microsoft is raising the security bar--albeit the lowest rung on the ladder--but integration with third-party solutions could result in something big.
I've been poking around in the beta of Security
Essentials-Microsoft's forthcoming free anti-virus solution-for a
couple days, trying to find something interesting to say about the
Microsoft Security Essentials-formerly known as Morro-seems
unexceptional in the best sense of the term: It installs and uninstalls
easily (provided Windows is genuine); its scan rules are fairly
configurable; and scans use a noticeable but not overwhelming amount of
system resources on modern PCs. In short, it works but won't blow your
In fact, there are really only two interesting things about the
product. First, of course, is the price: Free is always somewhat
compelling. Second, Security Essentials scored surprisingly well
on early wild list tests, finding absolutely everything thrown at
it. And this achievement is not commonly reached by any for-pay
Third-party software companies with competing solutions seem to be
of two minds about Security Essentials. They scoff at the limited
scope of Microsoft's product, which focuses on signature-based
detections (along with some root kit defenses) instead of more modern
heuristic or behavioral approaches, or more recent browser-based
defenses against Web threats. But undoubtedly, these companies
will also keep an eye on how Security Essentials performs in the
marketplace upon its release for antitrust implications.
I don't think Security Essentials should be viewed as an attempt by
Microsoft to corner the anti-malware market. Instead, the product
should be viewed as Microsoft's attempt to raise the lowest rung of the
Windows security ladder-effectively elevating the absolute minimum
level of security users should expect to get from their systems.
Ever since Microsoft released Windows XP Service Pack 2 and the
Windows Security Center-that little warning on a fresh installation
that, among other things, decries the system's lack of anti-virus
protection-the company has explicitly acknowledged that out-of-the-box
Windows is not secure given the way the bulk of the user base practices
computing. In the years since, as new operating systems have come
along, Microsoft has done a lot of work to shore up the security of its
operating system-with User Access Controls, Data Execution Prevention,
improved firewalling and so on.
However, the company has made much less headway in how its users
compute-which often leads to the new security being disabled to foster
easier day-to-day management or backward application compatibility.
Microsoft needs a way to protect this recalcitrant segment of its
user population with a tool set that is familiar and
acceptable-signature-based scans. But for Security Essentials to
provide this elevation of the lowest common denominator, the product
needs to be installed on every copy of Windows.
I have my doubts that Microsoft will ever pull the trigger and
include Security Essentials in a base OS or a service pack update for
fear of the backlash. But I certainly see the product appearing in
Microsoft Update as an option once it is a little more battle-tested,
then eventually morphing into a critical update within a year or so of
release. Of course, all of this depends on Microsoft making a concerted
effort to ensure its solution plays nicely with others.
Windows Security Essentials can be a win for third-party security
companies, as well, with some modifications. Say, for instance,
that Microsoft leverages the approach it uses with the
enterprise-focused Forefront Security for Exchange security solutions,
which allow third-party security companies to plug their own scan
engines into Microsoft's core product. Given that Microsoft has
even written a whitepaper about the benefits of such an approach
it is not a big leap to see how consumers could benefit from a one-stop
shop for protection from multiple vendors in one tidy package. If
users can tap multiple scan engines in one package, that also means
more customers for more security companies.
Then, with their old-school signature-based detections being
packaged and sold through Microsoft's own product, third-party security
providers could focus more of their development efforts on
next-generation solutions-whether browser-based, encryption-oriented or
behavioral-having to worry mainly about compatibility with Microsoft's
scanner, rather than a cornucopia of solutions that currently make up
Senior Analyst Andrew Garcia can be reached at firstname.lastname@example.org.