Subscribe to Malware Help RSS Feed RSS Feed - Subscribe to Malware Help. Org on Twitter Follow on Twitter - Malware Help YouTube Channel YouTube Channel - Subscribe to Malware Help by Email Subscribe by Email

Microsoft Security Essentials – What you need to know?

by Shanmuga| Tweet This | Google +1 | Facebook | Stumble It | Reddit | Digg | del.icio.us

What is Microsoft Security Essentials?

Microsoft Security Essentials, formerly known as Morro is a free, signature-based, basic antivirus, anti-spyware product that is the replacement for Windows Live OneCare. MSE is similar to Windows Defender that is included by default with Windows Vista and Windows 7, but includes antivirus definitions in additon to antispyware definitions. As it is free, there’s no annoying “upgrade to pro!” kind of popups and so on.

Who can install Microsoft Security Essentials?

Microsoft Security Essentials can be installed on any PC running Genuine Windows XP SP2, Windows Vista or Windows 7. It requires Windows Genuine Validation for installation. It is available only in 32-bit version for Windows XP and in both 32 and 64-bit flavors for Windows Vista and Windows 7.

How MSE differs from Windows Defender, Forefront Client Security?

Windows Defender is anti-spyware software that’s included with Windows Vista and Windows 7. It is available for Windows XP as a separate download. Windows Defender does not scan for Viruses and the like as it lacks the antivirus definitions. It is designed to detect and stop spyware. Microsoft Security Essentials is for clients only. Forefront also includes modules to protect servers and even applications such as MS Exchange Email.

Microsoft Security Essentials available only as a separate download.

Microsoft Security Essentials is anti-malware software, which means that it’s designed to detect and help protect your computer against a wide range of malicious software, including viruses, spyware, and other potentially unwanted software.

How is the Installation process?

The installation packages are available for Windows XP 32-bit and Windows Vista 32 and 64-bit. The packages are comparatively smaller at well below 10 MB. The Vista version will also work with Windows 7.

The installation on a Windows XP SP3 machine took about 3 minutes. There are no options to customize the installation.

The installation process is designed to disable Windows Defender.

The following processes are added to the system on installation:

MsMpEng.exe
Description: AntiMalware Service Executable
Location: c:\Program Files\Microsoft Security Essentials\
Size: 17904 b
Memory Usage: 45 – 60 MB

msseces.exe (Starts at All users login)
Description: Microsoft Security Essentials User Interface
Location: C:\Program Files\Microsoft Security Essentials\
Size: 1046840 b
Memory Usage: 3 – 6 MB

MpCmdRun.exe
Description: Microsoft Malware Protection Command Line Utility
Location: c:\Program Files\Microsoft Security Essentials\
Size: 203800 b
Memory Usage: 5 – 8 MB
This process is frequently launched by MsMpEng.exe.

How often it is updated?

Microsoft Security Essentials uses the Automatic Updates/Windows Updates and requires the Automatic Update services to be running. Virus and spyware definitions are automatically updated daily through Microsoft Update. It can be manually updated on demand. You can also set Microsoft Security Essentials to check online for updated definitions before scanning.

MSE uses a new feature called Dynamic Signature Service. According to its documentation, “The Dynamic Signature Service enables Microsoft Security Essentials to improve its ability to identify (or rule out) potential threats. Using this service, Microsoft Security Essentials checks for the latest signatures, which enables it to verify in real-time, whether a possible threat is an actual threat, and if it is, Microsoft Security Essentials attempts to clean the threat. It also enables the program to determine “false-positive” situations on detected items that are not actually threats, and if a false positive is found, fix it.”

What about the UI?

microsoft security essentials2 300x233 Microsoft Security Essentials   What you need to know?

What does it detect? Does it detect Cookies?

You can use Microsoft Security Essentials to protect your system against potential threats, such as viruses, spyware, and other potentially unwanted software that might be installed on your computer.

Like Windows Defender, it doesn’t detect cookies. According to Microsoft “Microsoft Security Essentials doesn’t detect cookies because it doesn’t consider them a threat to your privacy or to the security of your computer. “

Why is it mandatory to be a part of Microsoft Spynet?

When you installed MSE, you agreed to be a part of Microsoft SpyNet. Microsoft SpyNet is a network of Microsoft Security Essentials and Windows Defender users which helps Microsoft in differentiating a malware program from a legitimate program.

There are two types of memberships basic and advanced. As a basic member -which is the default- your copy of MSE “sends basic information to Microsoft about software that Microsoft Security Essentials detects, including where the software came from, the actions that you apply or that Microsoft Security Essentials applies automatically, and whether the actions were successful. In some instances, personal information might unintentionally be sent to Microsoft. However, Microsoft will not use this information to identify you or to contact you.”

An advanced member sends more information in addition to what is stated above again “in some instances, personal information might unintentionally be sent to Microsoft.” MSE also collects standard computer information, which includes information about your computer software and hardware, such as your IP address, operating system, Web browser software, and version.”

There is no option not to participate in the SpyNet community. MSE privacy policy confirms that “to continue using Microsoft Security Essentials, you will need to remain a member of this online community.”

I don’t have a problem with being part of the Microsoft Spynet online community to help improve the efficiency of their anti-malware software, but that does not mean that it should remain impossible to opt out the program. There are many who may not like to be sending their personal information to Microsoft intentionally or unintentionally. Microsoft could have done it in a better way by making it optional to join the SpyNet, similar to Windows Defender and many other security software. How to block Microsoft SpyNet

How well does it do its job?

microsoft security essentials3 Microsoft Security Essentials   What you need to know?

According to Computerworld AV-Test GmbH tested Microsoft Security Essentials…All of nearly 3,200 common viruses, bot Trojans and worms were properly detected and treated. The software was also measured against a set of in-house false positives and none of the clean files were flagged as being malicious. AV-Test however noted that “further tests against larger sets of samples are required before we can come to a final conclusion.”

PCWorld says “Security Essentials has a pleasing interface, is simple to use, and has appropriate defaults. Its warning pop-ups let you deal with an issue quickly or dig in for details. If Microsoft can improve the detection rate a bit–and rev up the scan speed more than a bit–before the program’s final release, Security Essentials could turn out to be a real contender in the free antivirus arena.”

I have personally found Microsoft Security Essentials is pretty good in detecting rogue security software (Scareware), its real-time protection always stopped the trojan from installing. The cleaning process kills the infection however it was not on-par with Malware Bytes’ Anti-Malware (a very good tool against Scareware) with only the main executable of the malware being identified and cleaned. It left out other related files and associated registry entries.

microsoft security essentials4 Microsoft Security Essentials   What you need to know?

Overall a free anti-malware software with decent detection capabilities, an uncluttered interface and relatively low resource usage, it is expected to help in reducing the number of unprotected Windows systems.

Download Microsoft Security Essentials

Looking for more articles on Microsoft Security Essentials?

You may also like to read



{ 5 comments… read them below or add one }

Mark Zip October 2, 2009 at 4:10 AM

Small correction: There is no version of MSE for the 64 bit flavor of XP

The only 64 bit versions of Windows supported by MSE are Vista and 7

This omission is not mentioned in the System Requirements pages at the MSE site, but it has been confirmed by MS support.

Reply

Shanmuga October 2, 2009 at 7:04 AM

Thanks for the comment Mark. I made that clear now.

Les Constable December 4, 2009 at 9:46 PM

I have been running with Windows Live OneCare for a couple of years but recently found 2 instances of virtumonde.sci in my registry files. OneCare did NOT pick this up even though it was up to date. Microsoft tell me that OneCare does not protect the registry.
Does MSE protect the registry files??????

Reply

Chris Olbekson January 30, 2010 at 4:35 PM

I decided to give Security Essentials a try when I installed Windows 7 right when the RTM came out. I think it performs very well and it even found an instance of Win32/Ursap!rts on another machine on the network running vista and Avast. I am starting to recommend it to clients

Reply

Dr. Hubert Hechabarria November 8, 2011 at 8:51 PM

Please I have a question. If I have Spywareblaster Pro, running in the background can I also have Microsoft Security Essentials installed with no conflict.

I no this is not a comment, I require anser from some one who knows this knowledge.

Thanks.

Reply

Leave a Comment

Previous post:

Next post: