But will users put their trust in Microsoft to protect them from viruses, Trojans, worms and other Internet nasties? Especially given that much of this malware leverages bugs that are present in Microsofts own code?
Microsoft Security Essentials isnt the first time the Redmond giant has ventured into the consumer security market. Readers with long memories will remember that MS-DOS 6.0 shipped with Microsoft AntiVirus (MSAV).
This was a very basic scanner, capable of detecting 1,234 viruses. (Times were different back then, and MSAV saw only one update compare that to the hourly updates that most packages receive nowadays).
Ive had the chance to take a look at Microsoft Security Essentials and it seems like a decent enough product. Its easy to install, the defaults are well thought out and its easy for users to figure out how to use the program. (Basically users dont need to touch it until it catches some malignant bit of code trying to sneak its way onto their system).
Ive even gone so far as to throw some malware at it and it seems to cope with everything. That said, my capability to test antivirus against malware is limited, but independent testing organization AV-Test.org labs looked at Microsofts new offering and were pretty impressed. All in all, it seems like Microsoft has gotten it right with this time, and Microsoft Security Essentials is a pretty good program.
Even for a product still in the beta stage, theres no obvious show-stopping gotcha to be seen.
Note: Even though Microsoft closed the door on more downloads of Microsoft Security Essentials, you can still get your hands on the download files if you know where to look (clue: try here!).
Now, given that Microsoft Security Essentials will be a free download for everyone running a genuine copy of Windows (as determined by Microsoft), youd expect it to be a smash hit. Why pay for a security product when you can pick one up for nothing?
Youd expect for the bottom to fall out of the security software market as users allow their yearly subscriptions to lapse and switch from for-cost to no-cost. But that wont happen. Why? It comes down to trust. The problem facing Microsoft is that even among Windows users (in other words, leaving out all the Mac and Linux folks who might skew the results), the company is seen as having a bad track record when it comes to security.
In a world where people now have the choice of operating systems, many people are using Windows out of necessity rather than desire. While no code can ever be 100% bug-free, Microsofts bugs (and the continuous drip-feed of patches to plug up these vulnerabilities) affect a huge number of people.
Then there are the big name malware that make it to the popular media Conficker, Storm, Blaster, Sassar, Melissa, Chernobyl the list goes on and on. These A-list bits of malware give the impression of Windows being far more insecure than it actually is.
Each new news story gives people yet another reason to distrust Microsoft. So, when it comes to choosing a security vendor, choosing Microsoft starts to seem like a bad idea. After all, if you cant trust the company to write good code in the first place, can you trust the company to provide more code to mitigate bad code?
I know that this is a gross oversimplification, and that antivirus is more about protecting the user from themselves than it is about protecting against external threats (directly at any rate). But people dont think about things that deeply. This is why Microsofts Live OneCare wasnt the raging success that Microsoft thought it would be.
But things are different this time around because Microsoft Security Essentials is a free product. Does this mean the end of consumer antivirus? No, but things will have to change, and change a lot.
If Microsoft Security Essentials is as good as is it seems to be, every Windows user will be entitled to basic malware protection for free. This will put a serious squeeze on companies that are currently selling the same thing for $20 - $30.
These products are going to have to evolve into something that offers the user a lot more. And after all, theres plenty left to do. How about adding a feature that keeps an eye on the systems patch situation (both Windows and third-party ones)? Or highlighting installed apps that contain a vulnerability? Or better network and device management? Or maybe even real-time sand-boxing?
On the positive side (for security vendors) is that very few companies offer only a basic antivirus package. Most offer packages that incorporate firewalls and other security features (such as integration with email clients). However, I still think that security firms are going to have to raise their game.
But what about the trust issue?
Well, because Microsoft Security Essentials is a free product, Microsoft is seen as the good guys, offering customers additional support and making their lives a little easier, as opposed to being opportunistic and cashing in on Windows bugs.
I dont have any figures as to how much malware the average home user encounters in a year, but in my experience its not as much as some people think. (There is a small minority of users that do things that attract malware into their lives, and then theres everyone else). Most people could install Microsoft Security Essentials and happily get on with their lives.
ALSO SEE: Windows 7 Review: Why I Like Windows 7