Regardless of dated perceptions, Microsoft really gets security

Published 02 October 09 08:23 AM | ronaldg

[This was started a while back, article is from June 2009, but now that we’ve just launched Microsoft Security Essentials I thought this might be good to finally post]

Well, in light of my last post on the IE 8 security, and, in light of my “between the lines” thoughts, I thought this might be a good time to “dust off” this article on our beta release of the future free AV offering (codename Morro) that I had actually intended to blog about earlier. For those of you who follow this blog, my title statement will come as no surprise at all. I would highly recommend that article, but I’m actually going to include an excerpt below that pretty much captures the main points, to save some of your valuable time.

Computerworld article: Antivirus testing outfit: Microsoft Security Essentials makes the grade

Article excerpt from Computerworld (emphasis mine to highlight key points) -
Microsoft's free security software passed a preliminary antivirus exam with flying colors, an independent testing company said today. AV-Test GmbH tested Microsoft Security Essentials (MSE), the free software Microsoft launched yesterday in beta, on Windows XP, Vista and Windows 7, putting it up against nearly 3,200 common viruses, bot Trojans and worms, said Andreas Marx, one of the firm's two managers. The malware was culled from the most recent WildList, a list of threats actually actively attacking computers. "All files were properly detected and treated by the product," said Marx in an e-mail. "That's good, as several other [antivirus] scanners are still not able to detect and kill all of these critters yet." AV-Test also measured Security Essentials against a set of in-house false positives to see whether the software mistakenly fingers legitimate files, a nightmare for users, who can be left with a crippled computer, and a disaster to the reputation of a security company. "None of the clean files were flagged as being malicious," noted Marx. "Very good." AV-Test also examined the program's anti-rootkit skills and its ability to scrub a system of malware it finds with a limited number of samples and "found no reasons to complain," Marx said. "[Security Essentials] is able to remove found malware very well, but further tests against larger sets of samples are required before we can come to a final conclusion."

On a side note, it was interesting to see some of the initial negative buzz, most of it by security competitors, and ALL of it opinion based and unsupported by any facts or data. This article gave an example of that in the following excerpt: “AV-Test's results will disappoint some rivals in the security market, who yesterday knocked Microsoft's effort. "It just doesn't give you the protection that you need," argued J.R. Smith, the CEO of AVG Technologies”. The fact that articles on our technology always seem to include gratuitous negative comments that are seldom more than unsupported opinions, such as this one, is a big part of why we continue to battle the perception issue (of course that’s my opinion).

So back to the reason for this post. First, I wanted you to be aware of this test, and to highlight the “passed…with flying colors”. Unlike the opinions, actual test data is tending to validate the Morro product, and remember this is just the beta. I believe I did some posts in the (distant) past about Microsoft’s world-class Security Response System and accompanying infrastructure, but suffice it to say that we have a highly sophisticated, global security monitoring and response operation that is really second to none – most folks are not aware of that and never hear about it. Our Forefront security products have been protecting not only desktops but servers, and not only at Microsoft, but for many large customers around the world for some time now. I’ve always thought it was pretty compelling, considering that we are a primary hacker target, that we “eat our own dogfood”, which means we are protected from malware threats by our very own technology. Second, I wanted to call out that, even though it’s listed as an AV product, as you see from above it protects against other threats such as rootkits. And, in fact, it’s the successor to our Defender product as well, so don’t be concerned that it turns off Defender when it installs. Third, I wanted to add that other articles seem to indicate that it appears to be good at avoiding false positives. And, lastly, although this article didn’t mention it, in other reports I’ve seen comments about how “quiet” it is and that it has less of an impact on your system than many other AV products. Bottom line, as I’ve tried to highlight in my blog over time, a bet on Microsoft security should be a good one these days (post-SDL), even though I still see competitors (and sometimes folks online and in print) making statements that continue to try to rely on dated perceptions.

Some other food for thought. Microsoft leverages all the security infrastructure I alluded to above for the support of all their security products, so the same technologies and supporting mechanisms that have been, and are, protecting large corporations, including Microsoft itself, are also used in our consumer products like MSE. So it should be no surprise, to the person who really understands Microsoft’s security commitment and products, that this product appears to be solid right out of the gate. And, btw, did I mention that MSE is going to be free when it launches (at least for consumers)?

 
