I just wondered if we Microsoft Security Essentials users need to worry that
this application has only received mediocre results against Zero Day Malware
attacks as carried out by AV test. Personally, I’m sticking with MSE, however,
it makes you wonder whether Microsoft is somewhat lagging behind others,
notwithstanding that it’s free, of course.
In this excerpt from
Answercast #78, I look at the recent rating received by Microsoft Security
Essentials and what it means.
]]>
Microsoft Security Essentials rating
So I heard about this a few months ago and in all honesty, it didn’t really concern me a tremendous amount.
The problem with virus tool testing is that there are so many different ways to test a tool; so many different things that can be skewed, I guess, to play against various tool strengths and weaknesses.
There is no perfect tool. Certainly Microsoft Security Essentials is not a perfect tool. It definitely has its weaknesses, but then again, so does every other anti-malware tool on the market today whether they are paid for or free.
Now, that being said, Fred Langa, who actually has a segment in Windows Secrets Newsletter on November 8, actually addressed this question and expressed what I think is probably the best sentiment – that I share.
Hard testing
Apparently, those tests that were run require that the individual using the computer actually, specifically click on things that they are not supposed to, and to dismiss warnings that they should not dismiss. Basically, in order for the computer to get as infected as those tests ran, the user of the computer has to a lot of things wrong.
They have to ignore, basically, all of the other advice that I give – which is:
-
Don’t click on things you don’t understand.
-
Don’t accept downloads.
-
All those kinds of things that are part of keeping you safe from internet threats.
Realize once again that anti-malware software is not the solution; it is part of the solution. The rest of the solution involves many other things – including things like your firewall, and perhaps most importantly, your own behavior.
Protection from yourself
Now, if, as Fred puts it, you are someone who is going to be clicking on just about anything that stands in front of them… well, you know what? Microsoft Security Essentials might not be the right choice. But to be honest, I’m not sure what would be – because fundamentally, I’m not certain that any software can prevent you from yourself.
No software can prevent you from clicking on things that you shouldn’t click on; downloading things that you shouldn’t download or ignoring warnings that you shouldn’t ignore.
Practicing internet security
So it is as part of a larger solution to internet security that I recommend Microsoft Security Essentials. It’s lean, it’s quiet, it runs in the background. It usually has very little impact on system operation.
It solves the basic problem and provides a very solid level of protection, in my opinion, when it’s combined with everything else that you should be doing to keep yourself safe. I don’t know how to protect you from yourself. I just don’t.
But if you’re someone who wants to try some of the other tools, by all means, there are definitely other good tools out there. But fundamentally, I am not changing my recommendation. Microsoft Security Essentials is a good, fundamental protection for most computer users.
If you are one of those that tends to go a little bit overboard, maybe another package might be a better one for you – but ultimately, I’m not convinced there either simply because, like I keep saying, it’s almost impossible to protect you from yourself.
(Transcript lightly edited for readability.)
Next from Answercast 78- Can I use a Universal Printer Driver to connect to my printers?
As an extra step, I’ve taken to treating my Windows machines as if they are running one of the other major OS’s (Mac, Linux) and never use an Admin account for normal usage. I create a Windows Standard User account to avoid installing things accidentally. If something wants the Admin password to continue, I just say, “No!”
Sorry Leo, I think your point of view is overly simplistic because it is impossible to never click on a bad link. If you never clicked on a bad link or downloaded a bad file you don’t need an antivirus. Unfortunately it is impossible.
While I don’t use facebook, others in my family do and it seems to be a cesspool for malware.
I switched from MSE to Avast because my machines kept picking up malware and since them in about a year of use no issues.
……I switched from Avast to MSE because my machines kept picking up malware and since then in about a year of use no issues…. :-)
I totally agree with you Leo. I have a customer who is an older lady and she loves all those funny forwarded emails. I put Kaspersky Internet Security suite on her computer, which is a very highly rated premium Security suite. Guess what she still managed to get it infected. After her license expired I installed MSE and she chilled out on doing dumb things and has been OK lately. Heck sometimes I don’t run anything but a firewall and I don’t have any problems. And I run periodic full system scans with multiple tools including AV boot disks. They never find anything but cookies.
I don’t care what anyone says about my beloved Microsoft Security Essentials (MSE) but it has been working for me for Quite some time – – and beautifully!
Truth be told, I use Malwarebytes Anti-Malware and Comodo’s standalone Firewall to make up for what MSE may lack and these programs work in complete harmony.
As an added layer of security I use the Spybot Search and Destroy On-Demand scanner.
(It’s always prudent to use a layered approach to online and computer security!!!)
TheRube
East Coast
The trouble with Antivirus programs is that when they do not find anything wrong on your computer, You could be forgiven for thinking either a; your computer is squeaky clean or b; the program is not very good, How is one to know?
I have usually judged these programs by their ratings in web sites like this one that is independent and not influenced by advertising, http://www.av-comparatives.org/images/docs/avc_prot_2012b_en.pdf
A friend reminded me of two version of the old IT acronyms, ID-10T or PEBCAK
You can figure the first one and the second means, “problem exists between chair and keyboard” and both are inside jokes about the factors of human error.
You simply cannot creat a program to pass the ID-10T test when PEBCAK is present as anything can happen despite the best programming.
That being said do not promote PEBCAK and you will fare much better (though not completely because sometimes the program itself suffers from the same PEBCAK).
“The problem with virus tool testing is that there are so many different ways to test a tool; so many different things that can be skewed, I guess, to play against various tool strengths and weaknesses.”
This really needs to be emphasized. As far as I can determine, no standards exist that each testing organization must adhere to. Organization ABC might use an XP machine with IE8, while Organization XYZ might use a Windows 7 machine with IE9 to test a particular AV product. Is that really a fair comparison??
As you say, NO application catches everything. Then it comes down to which one catches most things, and how well it’s kept up with evolving technology. And how little it interferes with the normal working of your computer while it’s protecting you in real time. MSE seems to fit that bill and I’m gratified to see that you concur. Of course, it’s not the sole solution, and it’s good to have a couple others to occasionally verify your machine’s health. Malwarebytes is well recommended, as well as Spybot. Interestingly, I’ve never seen anything good said on the Web about those constant TV ads for CleanPC.
I do all the wrong things on line I am protected by Sandboxie which is free and brilliant and has no impact on performance.
Sandboxie treats every user as an idiot and trusts no site …so you do not have to continually make judgement calls which are required with other AV solutions
Jp
Have for years used the paid versions of Avira & Bull Guard and found them extremely good. When my current subscription came up for renewal 12 months ago thought; “Why not.” “I’ll give MSE a go.” Well: I’m sticking with MSE. Have had no problems whatsoever. Unobtrusive
and “complete” protection as far as I’m concerned.
Highly recommend it.