Antivirus testing outfit: Windows Security Essentials makes the grade

Rivals ding Microsoft's free antivirus software, but says it's 'very good'

Microsoft's free security software passed a preliminary antivirus exam with flying colors, an independent testing company said today.

AV-Test GmbH tested Windows Security Essentials, the free software Microsoft launched yesterday in beta, on Windows XP, Vista and Windows 7, putting it up against nearly 3,200 common viruses, bot Trojans and worms, said Andreas Marx, one of the firm's two managers. The malware was culled from the most recent WildList, a list of threats actually actively attacking computers.

"All files were properly detected and treated by the product," said Marx in an e-mail. "That's good, as several other [antivirus] scanners are still not able to detect and kill all of these critters yet."

AV-Test also measured Security Essentials against a set of in-house false positives to see whether the software mistakenly fingers legitimate files, a nightmare for users, who can be left with a crippled computer, and a disaster to the reputation of a security company.

"None of the clean files were flagged as being malicious," noted Marx. "Very good."

AV-Test also examined the program's anti-rootkit skills and its ability to scrub a system of malware it finds with a limited number of samples and "found no reasons to complain," Marx said. "[Security Essentials] is able to remove found malware very well, but further tests against larger sets of samples are required before we can come to a final conclusion."

Marx put to rest the once-rampant rumor that Security Essentials would operate "in-the-cloud" by scanning PCs from Microsoft's servers. "The scanner works with the locally-installed anti-virus and anti-spyware databases -- it doesn't appear to use 'in-the-cloud scanning' methods," he said.

AV-Test's results will disappoint some rivals in the security market, who yesterday knocked Microsoft's effort. "It just doesn't give you the protection that you need," argued J.R. Smith, the CEO of AVG Technologies, a company best-known for its free antivirus software. "People aren't worried about antivirus anymore. Most of it is just noise. [Security Essentials] will help, especially in emerging markets. But it's centered around viruses, which the bad guys aren't really pushing anymore."

Instead, cyber criminals increasingly rely on compromised Web sites to hit incoming PCs with exploits against unpatched vulnerabilities, said Smith. AVG packages LinkScanner, software that scans a URL for signs of infection, with its paid products. A free version of LinkScanner can also be downloaded from the AVG site.

Another noted antivirus testing lab,, said it would formally test Security Essentials in August, and release its results the next month.

Microsoft posted the beta of Windows Security Essentials to its site yesterday, saying it would cap the downloads at 75,000, which it has reached. As of early Wednesday, the site stated: "We are not accepting additional participants at this time. Please check back at later a date for possible additional availability."

The new software, formerly known as "Morro," replaces Windows Live OneCare, the for-a-fee security package that Microsoft is tossing June 30.

Microsoft has not revealed a ship date for the software, but the program's end-user licensing agreement (EULA) notes that it expires Sept. 30 or when the program is released, whichever comes first.

It's likely that Microsoft will deliver Security Essentials before it ships Windows 7, which is slated to debut Oct. 22.

Join the CSO newsletter!

Error: Please check your email address.

Tags anti-virusMicrosoft

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Gregg Keizer

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts