Microsoft Security Essentials

24 Dec 2009 - Dave

Folks regularly ask my opinion for what antivirus solution to use.  It comes with the I.T.  job.

Some folks’ comments and questions are interesting even though they do not know the intricacies of computer security.  It sounds like common sense.  For example over the last decade the fortunes of the security vendors have sky rocketed.  At the time same viruses have grown at a fast rate.  There’s something not right about those trends.

I used Norton and McAfee since the ’80’s but it was getting harder to recommend them.  Folks kept throwing common sense at me.  Saying that Norton and McAfee were the most popular and highest rated antivirus solutions sounded hollow.

I have removed viruses from hundreds of computers over the last ten years or so.  I separate antivirus software into two classes: 1) Total Security Solutions like Norton and McAfee; 2) Antivirus software like F-Prot, AVG and NOD32.  I’ve noticed the folks infected more often with the total solutions  and were much harder to clean up.

When it comes to keeping your Windows PC secure, all the scare tactics and overblown virus stories out there make it hard to feel safe online. The fact of the matter is that you don’t need to pay for Windows security.

From time to time we like to go on long, opinionated rants about subjects that bug us. This is one of those times. So let’s have a frank and honest discussion about Windows security, and leave the scare tactics and FUD for money-grubbing corporate marketers.

Stop Paying for Windows Security; Microsoft’s Security Tools Are Good Enough — Lifehacker.com

Microsoft Security Essentials is here: Microsoft Security Essentials

Microsoft introduced a feature with Vista called PatchGuard.  It blocked access to the Windows Kernel.  The Kernel is the heart of an operating system.  Microsoft introduced this feature because of their new commitment to security.  It should block the most dangerous viruses.

Some antivirus vendors patch the Kernel in trying to get a leg up on viruses and malware.  There are viruses, called rootkits, that patch the kernel to get a leg up on antivirus software.

Sony used a rootkit to protect their music and movies.  The Sony rootkit was so poorly done that it made any computer infected with the Sony rootkit less secure.  Virus authors could easily take advantage of Sony to hide their viruses from antivirus software.

The race to control the kernel was an escalating battle.   The vendors who were patching the kernel were not helping.

Antivirus software made by competitors ESET,^[17] Trend Micro,^[18] Grisoft,^[19] and Sophos does not patch the kernel. Sophos publicly stated that it does not feel KPP limits the effectiveness of its software.

Some computer security software, such as McAfee‘s McAfee VirusScan and Symantec‘s Norton Antivirus, works by patching the kernel.

Kernel Patch Protection — Wikipedia

But here’s the $64,000 question: How many of you have installed “security” products from Symantec, McAfee, and others… only to find your system is much slower than before you installed it? I bet it’s a lot. Would you believe that your system is less secure too? Microsoft has something to say about this:

The Truth About PatchGuard: Why Symantec Keeps Complaining — Windows-Now.com

A Reality Check on PatchGuard — Symantec blog response to the security improvements introduced in Vista.

Requirements:

Operating System: Genuine Windows XP (Service Pack 2 or Service Pack 3); Windows Vista (Gold, Service Pack 1, or Service Pack 2); Windows 7

Links:

• Microsoft Malware Protection Center
• Microsoft Security Essentials Ranks as Best-Performing Free Antivirus –

Lifehacker.com