
SANS ISC: InfoSec Handlers Diary Blog



Microsoft Security Essentials AV

Published: 2009-09-30
Last Updated: 2009-09-30 01:59:48 UTC
by Mark Hofman (Version: 1)

Microsoft Security Essentials (MSE) hit the streets today (Thanks Kia for the heads up).  So I thought we'd have a quick look at it and let you know how it goes.

MSE replaces the OneCare offering and the free Defender installation standard on Vista installations. It will provide you with malware detection and removal ONLY. So do not rely on this as your one-stop shop for security. It does not have the features and functionality that many of the AV vendors provide in their products. Think of this as the AV as it used to be in 2000 or so.

There is no central management, and updates are taken from Windows Update services (from the looks of it, not from WSUS).

The install is straightforward. After downloading it (approx. 8MB), run the installer and follow the yellow brick road. It does a genuine product check and after installation it will go and update itself. I had trouble getting it to update when behind a proxy server, but I suspect that was a local issue. Going direct, it updates and applies the latest signatures. Reportedly there will be 3 updates per day on average.

Detection rates seem to be quite good. It seems to have found most of the things on a test malware drive. I have to check more closely if it missed things and if so why.

There are plenty of people who don't want to pay for AV; we all have one or more in the family. This will plug that gap, assuming the Windows version being used is legit.

 

Mark H
