Wednesday, September 30, 2009

Microsoft Security Essentials

On Tuesday Microsoft launched a new anti-virus protection program labeled Microsoft Security Essentials. This free program provides the basic anti-virus protection necessary in an internet environment where threats are exponentially increasing. I recently installed the product with mixed results.

Installation was very straightforward and easy for a user at any level. It uses a typical wizard with no special or confusing options - just an installation.



After installation the programs runs an automatic update and quick scan of the system which took a very small amount of time. Real-time protection is turned on by default as well as a weekly scan and runs in the system tray similar to any other AV program.



Once installed there are very few settings to manipulate, making it easy for the novice user but somewhat lackluster for the advanced. Options include the ability to set the scan times and frequency, set excluded file types as well as turning off the real-time protection.



The downside is the amount of system resources the program uses. With real-time protection enabled it uses 40-60 MB of RAM. This is 5 times the memory of most other programs (Norton, Avast, etc.). Even with the real-time protection disabled the program still uses around 30 MB.

On the positive side, I loved the way it handled threats. As a test, I went to a site I knew would redirect me to rogue AV.

First, a pop-up appeared down by the system tray:











By clicking the Show Details link we can see what the actual detected threats are:











The user is then able to choose from a list of actions - quarantine, remove, ignore. By clicking the clean computer button the threats will be removed immediately.

What was unique about this was that it actually found the javascript in the redirect to the rogue AV site to be malicious and blocked it before even getting to the download...very impressive.

Overall, the program bogged down the machine too much for sustained usage. I feel this was a good first attempt and Microsoft will likely make revisions to correct the excessive resource problems.