Microsoft Security Essentials is a free Microsoft tool that ostensibly offers virus, spyware, and malware protection. Do security experts take it seriously as a full substitute for a standalone product (e.g., AVG, Spybot, ZoneAlarm)? Or is it too new to be relied upon as the main source of protection?
In my limited circle (IT security), it is being praised to the skies, with many dumping AVG free in favor or MS SE. The only negative I’ve heard about it is a CPU spike once in a while, but not enough to be a problem.
I’ve switched from using Zonealarm and Norton Antivirus to Windows firewall and MSE, and my computer’s performance has improved noticeably. MSE has been getting good reviews generally, from what I’ve seen.
I have read two very positive reviews in the press, one of which was by a Washington Post tech writer. I am using it myself on an XP Pro box and a Vista x64 box with very good results, in terms of performance and effectiveness.
Note that it does not replace ZoneAlarm, it has no firewall capabilities. I still use ZoneAlarm on XP Pro, and Windows Firewall on Vista (last time I checked, about a year ago, ZoneAlarm didn’t support x64).
Generally you should avoid running multiple real-time virus checkers so I dumped AVG Free (no more annoying footers in every email :)), but I haven’t uninstalled Spybot yet.
I added more RAM to my mom’s machine because she was having slowness issues. That of course did not help her processor usage, but removing AVG and putting in MSE sure did. My brother dumped AVG on his XP Home box and said he noticed a difference.
I’ve read praises of it on this board, which have linked to articles that praise it. I’m about to switch over myself as well.
Wow. It’s amazing what MS can do when they want to compete with a product rather than maintain dominance.
So, sitting behind a NAT-equipped router with Security Essentials and Windows Firewall running (and NoScript in Firefox), I’m as safe as I can reasonably be? I do like Zone Alarm’s warnings of outgoing connections – letting me block apps from phoning home if I want. I assume Win Firewall has a similar setting, but I haven’t seen it yet.
Lots of raves out there for MSE. (Here’s one via Lifehacker).
My story: used to be a loyal Norton guy, got sick of the bloat and cost, switched to AVG, got sick of their bloat (AVG must own the record for fastest decline from “great software!” to crapware in no time), then switched to MSE with my Windows 7 upgrade.
So far, it’s great. Light and effective. I still pair it with Malwarebytes, Spybot S&D and CCleaner-- nuke the site from orbit, it’s the only way to be sure-- but as my core defense, I like it a lot.
Good job MS, credit where credit is due…
Note that MSSE is not positioned as a replacement for a full security suite. If you have such a suite, it doesn’t make sense to remove it and install Security Essentials unless the suite has undesirable qualities that you are unwilling to deal with. However, as a substitute for other, similar antivirus packages, it’s an excellent choice. As discussed above, it’s got a great reputation based on fairly rigorous testing, is light on resources, and easy to install and use.
What elements is it missing?
I have a licensed copy of Zone Alarm Pro on my current machine. I just built a few machines for the house and am not sure what to eventually put on them. Everything is behind a router/NAT device. If everything also has MSSE and Windows Firewall running (and NoScript and AdBlock on the browsers), what else is needed? Isn’t Windows Defender superfluous? What about e-mail scanning? I imagine that MSSE has on-access scans to take care of that. Anything else?
I’ve got a brand new ASUS eeePC 1005HA. How does MSE plus Windows Firewall work for a netbook of this power?
It won’t be very noticable.
I have the same netbook running MSE and it is almost never noticeable.
After seeing this thread and doing some research I decided to give it a try … had ditched AVG for Avira because of bloat and was turning off many functions in Avira due to performance.
First thing … it turned on the Automatic Update service. I keep that service disabled; I like to control my computer.
The first scan found two ‘infections’, one related to torrents and one related to WGA (Windows Genuine Advantage.) The program removed one of them; it gave me no choice … it just went poof and was gone … I don’t know where it went and it is not listed in the History panel.
Then I noticed the little yellow shield informing me there were updates available for my computer; they were updates that I had chosen not to install and had hidden.
Turns out the program can’t update virus definitions unless the Automatic Update service is running.
And then there is Microsoft Spynet; you are given two options … basic membership or advanced membership … no option to opt out. Spynet does what it says; it sends information about your computer to Microsoft. The info it sends is not specified but “In some instances, personal information might unintentionally be sent to Microsoft. However, Microsoft will not use this information to identify you or contact you.”
I am returning to Avira for now.
YIKES!
I’m in the middle of a few new builds (ugh, three desktops and a Linux machine), so haven’t yet gotten to this level of detail, but YIKES!
Egad, me too. I had notifications only turned. It wasn’t unheard of that even security updates would break something. I also didn’t always agree with their definitions of critical.
I just went to Windows Update via control panel and changed the drop-down to “check for updates but let me choose when to download and install them.” Are you saying that this choice will be overridden? I don’t mind automatic updating of definitions, but not auto updates.
I’m not sure how this relates to the automatic updates settings. I just changed settings to “never check for updates” and got the flag by the Action Center but the MSE icon was still green. Are you saying it would go back and without my intervention change the settings?
Again, it’s a new build so there isn’t much to find. Is this a WHAT THE %@ HAPPENED! situation? How much did you try and track down the history? Did you look at the options under settings/what action to take?
I hate apps that phone home, and was a major reason I liked ZoneAlarm. I found a couple articles on How to block Microsoft SpyNet, but it seems likely that they will disable some of the features (e.g., Dynamic Signature Service) and a simple, small change in the programme could bypass a fix — meaning occasional rechecking of how to block it.
I’d like to learn more about the settings before heading back to ZoneAlarm. I may keep MSE on the public machines and ZA on my work computer. I’d also like to follow SpyNet for a while to see how it shapes up and what else arises.
I can’t speak for everything else, but this is the setting I use with MSE and Windows 7. I don’t get Windows updates forced on me, and I don’t have any problem with MSE updating the definitions.
Regarding Automatic Updates, I can only say for sure that it turned the service on and set it to Automatic; I had it Disabled. As you said, updates can cause problems and I want to make a fresh backup of a large database I run before I install updates.
MSE did run after I set the Automatic Update service back to Disable, but it would not update virus definitions. When I went to the Microsoft Update website, some, but not all, of the updates I had chosen to hide were again showing.
After I ran the first scan it showed a box with two infections listed. As I sat there reading it, the screen blinked and one of them disappeared. I could not find it on my machine. It was a simple NoCD hack for a (non-Microsoft) game. It simply did not show up in the MSE History screen that the action had been taken.
All in all, this might be a fine tool for those who aren’t very into computers … but … well … I feel a rant coming on, so I’ll just say that I want to control my own computer and in typical MS fashion, this program goes too far in trying to take that control away.
Or those who are into computers and want to improve performance?
I have W7 and I initially liked the speed at which it starts up. But both in W7 and Vista by far the most cpu-time hogging app on startup was/is AVG, so I am tempted by WSE.
I don’t mind having auto-updates switched on (or switched to ‘… but let me choose which ones to install’)
And the only stuff I have hidden are the seven trillion language packs (ok so maybe there’s about 15, which is slightly less than seven trillion, but 15 is still way more languages than I can speak or those who will ever use my computer can speak)
If I try WSE and it turns out I hate it, can it be removed fully? Or does it leave any microcrap behind?
AV vendors compete on features but AV really is not an application that benefits from all this bloat. Not only is MSE good at detecting viruses its also a minimalist application. No AVG-like browser integration or Norton firewall. Its just an AV scanner. Hopefully, AV vendors will now compete on performance instead of bloat because its gotten fairly out of hand. Not to mention a lot of people never subscribe for updates and are better off with a free solution.
It didn’t turn on automatic updates on any of the computers I’ve installed it on, so I’m not sure what happened to you.