Microsoft's free antimalware beta on the way
Updated at 2:40 p.m. PDT with comment on what happens if a user already has antivirus software installed and at 1:45 p.m. with AVG comment.
Microsoft will launch a public beta of its anti-malware service, Microsoft Security Essentials, on Tuesday as it phases out its Live OneCare suite in favor of a simpler free consumer security offering.
Microsoft Security Essentials, which will run on Windows XP, Vista, and Windows 7, will be available in the U.S., Brazil, and Israel in English and Brazilian Portuguese. A public beta version for Simplified Chinese will be available later in the year.
The service works like traditional antivirus products in which client software monitors programs on a PC. When something changes on the computer, such as files being downloaded or copied or software trying to modify files, the system checks against a set of malware signatures in the client program to see if the code matches the signature for known malware. If so, it blocks it from getting downloaded.
If no signature match is found, the system will ping the server-based Dynamic Signature Service to see if any new signatures are available and, if so, it removes the malware. If it appears to be new malware, the Dynamic Signature Service may request a sample of the code in order to create a new signature.
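The lookup order described above, sketched as an added example that is not Microsoft's code: the whole-file SHA-256 "signature", the class and method names, the `looks_new` flag and the in-memory stand-in for the Dynamic Signature Service are all assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass, field


def signature(data: bytes) -> str:
    """Simplified signature: SHA-256 of the content (assumption; real
    antimalware signatures match patterns, not only whole-file hashes)."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class DynamicSignatureService:
    """In-memory stand-in for the server side (hypothetical, no network)."""
    fresh: set = field(default_factory=set)      # signatures not yet pushed to clients
    samples: list = field(default_factory=list)  # samples collected for analysis

    def has_signature(self, sig: str) -> bool:
        return sig in self.fresh

    def request_sample(self, data: bytes) -> None:
        self.samples.append(data)


@dataclass
class Client:
    local: set                       # signature set shipped with the client
    service: DynamicSignatureService

    def on_file_event(self, data: bytes, looks_new: bool = False) -> str:
        sig = signature(data)
        if sig in self.local:                  # 1. known malware: block it
            return "blocked"
        if self.service.has_signature(sig):    # 2. newer signature on the server
            self.local.add(sig)                #    cache so the next hit is local
            return "removed"
        if looks_new:                          # 3. possibly new malware: the
            self.service.request_sample(data)  #    service asks for a sample
            return "sample_requested"
        return "allowed"


def run_demo() -> list:
    # Constructed byte strings standing in for files; none is real malware.
    known, recent, novel, benign = b"known-bad", b"recent-bad", b"odd-new", b"notes.txt"
    svc = DynamicSignatureService(fresh={signature(recent)})
    client = Client(local={signature(known)}, service=svc)
    verdicts = [
        client.on_file_event(known),
        client.on_file_event(recent),
        client.on_file_event(recent),          # now matched locally
        client.on_file_event(novel, looks_new=True),
        client.on_file_event(benign),
    ]
    return verdicts + [len(svc.samples)]


if __name__ == "__main__":
    print(run_demo())
```

The second lookup of the same content returns "blocked" because the client caches the server's signature, which is the gap the three-times-a-day updates otherwise leave open.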
The service updates its anti-malware database constantly and publishes new antivirus signatures to Microsoft Update three times a day, Alan Packer, general manager of Microsoft's Anti-Malware team, said in an interview on Thursday.
"The hope is that people who install Security Essentials and enable auto updates in their Windows configuration will be protected" automatically, he said.
The service also includes new technologies that help protect against rootkits, programs that are designed to hide the fact that a PC has been compromised, and is also designed to run efficiently by scanning when the PC is idle and conserving on memory usage.
If you already have antivirus software installed you probably don't need this service. Security Essentials doesn't detect if you have security software installed but does provide a message upon install that says two antivirus products aren't necessary and could interfere with each other, Packer said.
Microsoft announced in November that it was dropping its Live OneCare service in favor of a slimmed-down free offering designed to encourage more people, particularly those who don't want to pay for it and fear it will slow down their computer, to use antivirus software.
The new service lacks features like managed firewalls, performance-tuning, backup and restore, printer-sharing and multi-PC management that the OneCare service offered.
"We don't see Security Essentials as a direct competitor to other free products and suites," which try to "upsell" users, or get them to eventually pay for a product, Packer said. "We're targeting people who aren't protected" already.
A spokeswoman for AVG, likely the main rival to Microsoft's service, said AVG offers a free Internet security suite that has advantages because it is operating system agnostic and was developed by a company that specializes in security products.
Asked what Microsoft's strategy is for mobile, Packer said he couldn't comment on what the Windows Mobile team is doing.
"In general, the way we look at mobile from a security standpoint is that you are better off preventing the malware from getting on a mobile device rather than trying to run anti-malware or antivirus software," he said. "We haven't targeted mobile antivirus software because we felt that's not the right approach."
Microsoft Security Essentials will be available for download from Microsoft's Web site beginning on Tuesday.
This is what the interface will look like when the service finds that the PC is clean of malware infections.
(Credit: Microsoft)
This screenshot shows what a user will see when Security Essentials finds malware on the PC.
(Credit: Microsoft)
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press.




(now I personally have no use for it on anything I own, but that's probably for the best since it's windows-only, eh? :) )
You don't need AV because?
You have no friends and don't send or receive emails?
You use an OS that 0.001% of the population use?
You are in denial that your OS is perfect?
You are the future of the human race and can foresee viruses before they happen.
Because:
* A/V is a reactive technology that cannot even catch inbound malware 50% of the time. By the time the major ones can all catch it, it is already too late.
* The rare security threats on the OSes I use won't be mitigated by any A/V solution.
* The last credible and unavoidable malware threat for Linux died of old age sometime in 2001.
* OSX had a couple of trojans, but those would have required me to go to a dodgy pr0n website, download a dodgy executable from it, and then enter my admin password to launch the malware.
* Meanwhile, literally hundreds of thousands of Windows machines fall to malware daily.
I'm a bit concerned about your fourth bulleted item. Unless you're referring specifically to status quo, this statement is incorrect. As it were, the only known drive-by downloads for OS X at this time are 3 undisclosed PoCs at CanSecWest, and 1 PoC that is publicly available. However, what is known is that a Mac without after-market security, be it comprised of system tweaks, third-party software, or both, is a sitting duck to drive-by downloads: http://blogs.zdnet.com/security/?p=1325
That said, Windows Vista has yet to be breached by an ItW drive-by download, either. And as far as I know, no one has done it through a browser at CanSecWest; only through Adobe Flash using the browser on day 3 (and that particular vulnerability has long since been patched). Apple still has the advantage of relative obscurity but, if Windows 7 proves to be an XP killer as prophesied, cybercriminals will eventually have to settle for the easiest remaining target. And unless Snow Leopard introduces functional implementations of DEP and ASLR, OS X will remain the most vulnerable OS on store shelves.
Sorry, I badly misspelled your username, LOL.
Err, your cite talks about trojans and potential privilege escalations. Could you point out the part you were citing specifically?
Meanwhile, I can couple something like this:
http://www.guardian.co.uk/technology/2008/apr/03/security.google
...with this:
http://www.withinwindows.com/2009/02/04/windows-7-auto-elevation-mistake-lets-malware-elevate-freely-easily/
...and own any Windows 7 machine I want. (Microsoft has said that the latter is left like that "by design").
Not saying OSX (or any OS) is perfect, but compared to some?
The problem with ignorance and the false sense of security that you are exhibiting is that you are the prime target for criminals to go after. You aren't running any sort of AV product, you aren't taking steps to secure your system, and you are so full of self delusional confidence that when / if your system is compromised, you won't even know it.
That's the sad truth. Your system could be compromised right this very moment, with keyloggers and bots running in the background and yet you won't know because there aren't any tools out to detect this and even if there were, you won't take the time to find out because you just 'know' that it's perfect.
Are you familiar with the fable of the Emperor who had no clothes? That's the situation you are putting yourself in, your majesty.
This part: 'but it can allow a Web exploit or Trojan horse to gain root access without the user's knowledge or permission.' Notice "WEB EXPLOIT" and "WITHOUT THE USER'S KNOWLEDGE OR PERMISSION." For the record, a "Web exploit" is a drive-by download.
That said, did you happen to read the two articles you seem to have hastily dug up in a frantic Google search? The first one talks about iFrames (old news) and recommends that you upgrade to XP SP2 with IE7 or Vista, LOL.
The second refers to the fact that people have been "balking at dealing with more than two security prompts per day" (people who obviously are not familiar with OS X or Linux). Microsoft's yes-man response is to lower Windows 7's default configuration to a whitelisting concept. And in spite of the fact that security researchers are nagging them about it, Microsoft seems to be siding with consumers. However, Microsoft is citing a discrepancy between what can be done remotely and what can be done locally. But if nothing else, they might let users see what happens when UAC is set to a lower level, then release a patch to raise it back up to "always notify." Of course, those of us who know better can just go into Security Center and raise the slider ourselves.
That said, you didn't read my previous post very well, either. Windows Vista and the upcoming Windows 7 have DEP and ASLR, which OS X does not. The only people who know how to circumvent these two are among the best hackers in the world, and they have REAL jobs. Apple's authentication mechanism is the only defense it has, and is no better than a limited user account in XP, a chastity belt made of paper.
lol at your last comment- "You are the future of the human race and can foresee viruses before they happen."
On the other hand, this freebie from MS is supposed to be equipped to handle rootkits, does most of its work in the cloud to minimize performance hit, and sends feedback from an IDS to help MS generate new signatures on the fly, drastically shortening zero-day response time.
That said, this suite is targeted to current OneCare users and people who have no security suite, including those concerned about system resources. Grisoft is ignoring the fact that their security suite is one of the heaviest around, and that the free version offers little to no protection beyond their signatures and heuristics, neither of which are anything to scream about. Even CyberDefender offers better mileage, and CyberDefender stinks!
Of course not, that would give him less things to troll about.
Yep, you are right, Microsoft is not securing their operating system.
care to back up that statement with some facts?
1. By downloading an infected file from the Internet (torrents are a way a lot of people I know get them)
2. From software you buy in the store (??, but they say it has happened)
3. By using a disk a friend gave to you
4. By loading a document file that someone gives you
5. By opening and running an e-mail attachment
Found that with Google book search. Seems pretty clear the vulnerability is the user.. once you let something onto your computer it's pure PEBCAC
I forgot the name but I used back in my Windows days
was pretty decent actually, Wonder what happened to it ?
This, as it shows in the picture, is against viruses AND spyware!
1. It is definitely nonessential.
2. It's going to cause more problems than it solves.
Windows needs a good free security suite. The best choice right now is a combination of Malwarebytes' antimalware, Superantispyware, and either Avast or AVG. I suspect the biggest effect of this Microsoft release will be an increase in zombie PCs, as people uninstall even what poor protection they have, thinking that MS will protect them.
I would call an entire operating system an essential product, wouldn't you? Why can't they just fix the problems with Windows instead of creating an entirely separate program to TRY and catch them?
Said it before, and it's becoming more evident with every upgrade or "improvement"...
Windows is.... A 32-bit extension to a 16-bit graphical interface, sitting on an 8-bit operating system, originally written for a 4-bit processor by a 2-bit company without ONE BIT of common sense.
Nothing like someone commenting and offering an opinion on a product they do not own, use, or support. That makes them instant experts. :)
I have never owned, used or supported a Yugo, either, but I know a bad product when I see them. I also know of Microsoft's business practice history. I also know that the top BUSINESS leadership at Microsoft has not significantly changed (Gates' departure notwithstanding). I also know that Microsoft has a history of doing whatever it pleases and then bowing to pressure later when forced to by governments and legal agencies, but long after the desired outcome has come to pass. Does this make me an expert in their latest offerings? No. It makes me an expert in what to expect from Microsoft.
And 25 years in the computer world as an IT professional and having owned, used and supported Microsoft products in the past and present DOES make me an expert.
But if you want to try the latest Yugo from Microsoft, be my guest. It's folks like you who keep folks like me in business. :D
Or were you just commenting to troll yourself and you have no intention of trying this latest thing from Microsoft, either?
(A+, Network+, MCP, MCSE)
Anyone can claim to be a certified technician over the internet.
Did you know I fly passenger jets for a living and have over 30 years of experience in the air?
"(A+, Network+, MCP, MCSE) "
Those certifications don't make you an expert- and most true experts would not list such simple and rather.. ah.. 'amateur' level certifications on their resume. Those are all super easy things to get certified for. I did them all in a week and it gave me no advantage or knowledge of any use. They are paper certs only and ridiculed in the industry. Listing them here tends to reduce your credibility rather than add to it.
As for trying the product myself- I will try it out and have been using it now for over a year internally at Microsoft. I speak from personal experience with the product both on a user and support side. That rather puts me at the 'expert' level, wouldn't you say?
BING
How did that change? Maybe I don't like BING, maybe I want to go to Google? Or Yahoo or something else? Who did this change? A background update?
Trust here low, confidence level low.
I've seen them "give away" stuff before: Microsoft Word. How much is that costing these days? Get people hooked on something, and they rarely change - even when there are FAR better products for less cost out there. Since every Windows machine ever made needs a good security solution (and I'm not calling this latest offering from Microsoft 'good', only that a good one is needed), it stands to reason they'd milk that market by giving away what they should have built into Windows in the first place, then will turn around and charge for it later - probably one of those 'lease' things since it's set up that way.
Besides, I do NOT like the idea of anyone outside of my control scanning my IP traffic. Given Microsoft's penchant for doing unto users whatever they want to do, I don't trust them to leave it anonymous or to not filter it to suit their concept of a 'good computing experience'.
Also, it seems to me that "building things into Windows in the first place" is pretty much the subject line of each and every anti-trust lawsuit brought by the EU. Are you really advocating that they bundle another product that could take market share from another company?
Seems you should think these thoughts through a bit further before committing them to the forum.
I think you're talking about Microsoft Works, which is a completely free suite of office productivity software that is packaged with Windows these days. It's still free, and does pretty much most of what Office products can do, except the UI isn't so good, and lacks some functions.
BTW, Dell put that on your computer, not MS. I haven't bought a Dell in many, many years but they load their machines up with 100 things you'll likely never use. They probably get a cut when you buy it from the trial they installed.
Wonder if it'll be able to spot the most dangerous malware of them all. It goes like this:
"ALERT!!! extremely dangerous virus found in your hard drive: Windows Vista. Your computer is at risk. DELETE DELETE !!! Yes or No?"
What we need is software to alert us to trolls.
And no false +ves.
Microsoft is probably one of the worst software makers, not to mention hardware makers (cough* RRoD cough*).
Seriously?
ESET NOD32 FTW!
Meanwhile in this reality, things are very much different.
lolz....
Quote "
by > Fatesrider < June 18, 2009 3:47 PM PDT
Long experience does not necessarily make one an expert on a particular new product from a company, but it certainly makes one an expert on what to expect from a company.
I have never owned, used or supported a Yugo, either, but I know a bad product when I see them. I also know of Microsoft's business practice history. I also know that the top BUSINESS leadership at Microsoft has not significantly changed (Gates' departure notwithstanding). I also know that Microsoft has a history of doing whatever it pleases and then bowing to pressure later when forced to by governments and legal agencies, but long after the desired outcome has come to pass. Does this make me an expert in their latest offerings? No. It makes me an expert in what to expect from Microsoft.
And 25 years in the computer world as an IT professional and having owned, used and supported Microsoft products in the past and present DOES make me an expert.
But if you want to try the latest Yugo from Microsoft, be my guest. It's folks like you who keep folks like me in business. :D "
OMG ROFL you kill me MR 25 years of BS...... The only thing I see that you are an expert on is being an IT Professional who probably works at Best Buy for Geek Squad as the Title IT professional means jack to the Enthusiast Hardware, software, mod freaks of Computer as what they teach you to give you that so called title is a JOKE .... :O So do tell MR knows it all??? Do you donate more than Bill does? Have you made anything that is wanted worldwide? What did you use to read and submit this expert info of yours? In 25 years have you ever learned to change your point of view? And could you please tell us all THE ALL KNOWING Microsoft Expert in what to Expect from Microsoft...... the upcoming Windows 7 ....do tell us the scoop on it as 25 years should make you so right..........By the way how does using something make you an expert? I know lots of peeps that have done things for 25 + years and they still suck at it, could you fall in this group? Because I have not seen anything you have improved on to make better in what you so badly put down. Don't get me wrong Microsoft has done a lot of not so right things but has also given us more good things that is used worldwide and some used for bad but that comes with all things. Not to pop your bubble buddy, If all computers 90% better in software and hardware and in the security of the programming shops will still be busy cause of USER ERROR the fact to most of all problems on over 75% if not a bit more : / of PC's out there today. So go and do your BAND-AID work Einstein as if anyone would take what you say as good expert advice then you might also have a 2nd career in selling Yugos at a used car lot.
One of the best comments I ever heard about Microsoft was at an engineering meeting in 1990. The speaker made the point that in 1970 there were about two million people world-wide who were knowledgeable about computers. Now (1990), there are about 20 million. "Isn't it a shame, 18 million people and all they know is Microsoft." The entire meeting laughed for a full minute.
I also used a Hewlett-Packard 1000 computer system running Real Time Executive operating system that was far more agile, integrated, and bullet proof in 1980 than anything Microsoft has to offer today.
- by markdauvid June 25, 2009 6:07 PM PDT
- i guess i was one of the lucky ones to get the windows essentials beta. the first issue i encountered was windows defender somehow got turned off. this afternoon when i booted up essentials was turned off and i got the little red thingie. i discovered if you open security center you can kick start essentials.