Microsoft Security Essentials (MSE) (previously codenamed Morro) is a free antivirus software created by Microsoft that provides protection against viruses, malware, spyware, adware, scareware, rogue security software, rootkits, keyloggers, dialers, worms and trojans for Windows XP (x86^[3]), Windows Vista, and Windows 7 (both x86 and x64^[3]).^[4] MSE replaces Windows Live OneCare, a commercial subscription-based antivirus service and the free Windows Defender, which only protected users from adware and spyware.^[5] It is geared for consumer use, unlike Microsoft's upcoming enterprise-oriented product Microsoft Forefront.

AVG Technologies viewed MSE positively, stating it reinforced the company's ideal of free antivirus software. Ars Technica reviewed it positively, citing its organized interface, low resource usage, and its status as freeware.^[6] Symantec and McAfee, two competing antivirus vendors, responded by claiming that MSE is not as good as their own software.^[7][8]

Contents 1 Development 2 Features Jump to: navigation, search Microsoft Security Essentials 3 Licensing scheme 4 Reception 4.1 Industry response 4.2 Reviews 5 Malware impersonation of Security Essentials

Development

Microsoft announced plans for a free consumer security product, designated “Morro” on 18 November 2008.^[9] It marked a change in Microsoft's consumer antivirus marketing strategy: Instead of offering a subscription-based antivirus with a host of other tools, such as backup and a personal firewall, Morro would be free for all genuine installations of Windows not intended for business use (with an exception for small home based businesses) and offers protection against all types of malware.^[10] Microsoft Forefront would be offered alongside MSE, with central management tools not present in MSE. On 17 June 2009, a leak of version 1.0.2140.0 revealed the internal name of Morro was changed to Microsoft Security Essentials.^[11]

On 23 June 2009, Microsoft opened a public beta to 75,000 people in the United States, Israel, People's Republic of China and Brazil. At the time, Microsoft stated that MSE would be finalized and released before the end of 2009, in 20 markets and 10 languages.^[12]

On 20 September 2009, Microsoft e-mailed beta testers and informed them of the upcoming release of the final build of the first version of MSE.^[13] The final build was released on 29 September 2009^[14][15]

Hardware requirements for MSE differ, depending on the operating system. For Windows XP, MSE requires at least a 500 MHz processor and 256 MB of RAM. On Windows Vista and Windows 7, MSE requires a 1 GHz processor and 1 GB of RAM. Under any compatible operating system, a VGA screen of 800 × 600 or higher, 140 MB of free space, and an Internet connection are also required.^[16]

Features

MSE is a security suite designed for consumers and lacks centralized management features which are found in Microsoft Forefront Client Security. It includes the same anti-malware engine (dubbed "Microsoft Malware Protection Engine", or MSMPENG for short), and virus definitions that all other Microsoft desktop antimalware products share, including Forefront Client Security, Windows Live OneCare, and Windows Defender (Defender excludes the antivirus definitions which are separate from the antispyware definitions).^[17] Before installation, MSE checks for the validity of the installed copy of Microsoft Windows. MSE requires no registration or personal information.^[18] MSE will disable Windows Defender, as it provides protection against malware, not limited to spyware and adware.^[5]

Using default settings, archived files are decompressed, and then scanned. File downloads and e-mail attachments are also scanned. Its Dynamic Signature Service attempts to better identify malicious files by checking for updates if an application exhibits suspicious behavior.^[19] Before taking action against a suspect file, MSE prompts for user input. If no response is received in ten minutes, then the suspected malware is handled according to its default action, letting MSE determine what to do with the malware. System Restore points are created before removing found malware.^[20]

MSE automatically checks for and downloads virus definition updates which are published three times a day to Microsoft Update.^[21] Alternatively, users may download the updates manually from Microsoft Security Portal.^[1]

[edit] Licensing scheme

Microsoft allows users to freely download, install and use Microsoft Security Essentials on an unlimited number of their computers in their household which has a genuine copy of Microsoft Windows. Microsoft Security Essentials checks for genuineness of the operating system during and after installation. If the operating system is found to be not genuine Microsoft Security Essentials may cease to operate after a period of time during which user receives notifications.^[2]

Microsoft Security Essentials software license agreements also denies user the right to reverse-engineer, hack, decompile or disassemble the software or to publish or disclose the results of benchmark tests of this software to third parties without written approval from Microsoft Corporation.^[2]

Reception

This article's factual accuracy may be compromised because of out-of-date information. Please help improve the article by updating it. There may be additional information on the talk page. (May 2010)

Industry response

After Microsoft publicly announced Morro on 19 November 2008, Symantec and McAfee shares fell 9.44 and 6.62 percent respectively. Microsoft shares also fell 6 percent. However, Microsoft claims MSE will not directly compete with other paid-for antivirus software; rather it was "focused on the 50 to 60 percent [of PC users] who don't have, or won't pay for, antivirus protection, antimalware protection," according to Amy Barzdukas.^[22]

Symantec, McAfee, and Kaspersky Lab representatives dismissed MSE as a competitor. Tom Powledge of Symantec claimed OneCare offered "substandard protection" and an "inferior user experience", implying MSE would be the same. McAfee stated "With OneCare's market share of less than 2%, we understand Microsoft's decision to shift attention to their core business." Justin Priestley of Kaspersky stated, "[Microsoft] continued to hold a very low market share in the consumer market, and we don't expect the exit of OneCare to change the playing field drastically."^[23]

An AVG Technologies representative stated, "We view this as a positive step for the AV landscape. AVG has believed in the right to free antivirus software for the past eight years." Nevertheless, AVG raised the issue of distributing the software, "Microsoft will have to do more than simply make the product available."^[23] However, bundling MSE with Windows may cause antitrust lawsuits.^[24][25]

After a Microsoft spokesman stated on 10 June 2009 that a beta version of MSE would soon be released, Microsoft shares were up 2.1 percent. Both Symantec and McAfee shares fell 0.5 percent and 1.3 percent respectively. Daniel Ives, an analyst with FBR Capital Markets, stated MSE would be a "long-term competitive threat", though near-term impact would be negligible.^[4]

[edit] Reviews

A pop-up notification stating malware was found.

The public beta received several positive reviews, citing its low resource usage, straightforward user interface, and price point.^{[26][27][28][29]} Brian Krebs of The Washington Post found MSE used 4 megabytes of RAM during testing, even during scans. A "quick scan" took about 10 minutes, and a "full scan" about 45 minutes on an installation of Windows 7.^[28]

PCWorld noted its "clear-cut" and "cleanly designed" tabbed user interface. At the top of the main tab, the security status is clearly shown. The other three tabs allow users to manually update MSE, review its history, and change program settings. However, PCWorld found some of the settings to be cryptic and confusing. Settings, such as what to do when malware is found, default to "Microsoft Security Essentials' recommended action". There is no explanation of the recommended action except in the help file. The editor was also confused because MSE does not mention it automatically updates itself within the interface; some may believe they must manually update MSE through the "Update" tab.^[27] However, this was included in the final release.

PC Magazine cited MSE's small installation package (about 7 MB, depending on the operating system) and its speedy installation. On the downside, the full installation occupied about 110 MB of disk space, and the initial update took 5 to 15 minutes. The editor also noted the fact MSE sets Windows Update into its fully automatic mode, which automatically downloads and installs updates although it can then be turned off again through the control panel. Installation succeeded on 12 malware-infected systems. Some full scans took over an hour on infected systems; however, a scan on a clean system took 35 minutes.

During an on-demand scan, MSE beta found 89 percent of malware samples; but only 30 percent of commercial keyloggers. Those results were average, according to the editor. MSE found 67 percent of rootkits. The suite detected half of the editor's scareware samples. The suite's real-time protection found 83 percent of malware and blocked the majority of them. In this test, 40 percent of the commercial keyloggers were found. MSE found 78 percent of the rootkits. The editor expressed optimism MSE would improve during its beta testing period.^[26]

Malware impersonation of Security Essentials

In February 2010, a rogue security software package calling itself "Security Essentials 2010" appeared on the Internet.^[30]