Today in an interview with London based security firm, Dennis Technology Labs, Holly Stewart, Senior Program Manager of Microsoft’s Malware Protection Center admitted that Windows users should install antivirus software above and beyond Security Essentials.
Let me give you the background on Stewart’s surprising comment:
How did this happen?
Microsoft Security Essentials (MSE) is Microsoft’s integrated antivirus solution released in September 2009. When Microsoft launched MSE it was received with mixed results. On the one hand, people lauded the easy to use tabbed interface and the free license but on the other hand, big Antivirus vendors such as Sophos and TrendMicro contended that integrating MSE with Windows was a violation of competition law.
Well, despite the controversy, MSE went on to receive numerous accolades. In 2010, PC Advisor praised MSE adducing it’s low false positive rate and calling it a “force to be reckoned with”.
Later that year AV-comparatives compiled its annual Antivirus summary report which delineated the highest-scoring security products. On page 9 of the 73 page report you can see that it gave Microsoft the bronze medal for proactive on-demand malware detection, and low system performance impact. It also awarded Microsoft the silver medal in the category of Low False Positive Rate.
The future looked bright for Microsoft’s security products. But it turns out these accolades belied the impending doom of MSE. Ultimately the praise was not an auspicious sign of success because a year later in March 2011 and then again in April 2012, MSE’s protection scores plummeted and continued to drop until AV-TEST grounded MSE with it’s lowest possible protection score – a big fat zero.
Yet, despite the abysmal score, Microsoft continued iterating the product and rebuilt Microsoft Security Essentials as Windows Defender. With the advent of Windows 8, Microsoft added a distinct antivirus component to the security suite and was ostensibly beginning to shape Defender into a full fledged antivirus solution.
Defender offered basic protection against viruses, spyware and Trojans and people were using it; however, there was a still palpable and nascent fear about whether it really did a good job killing viruses. Prudent users were starting to wonder just how well Defender actually defended their computers.
Microsoft’s Major Blunder
Today, we know Windows Defender was merely designed to be what Stewart calls a “baseline strategy”.
That’s right, instead of sharpening it’s efforts to design the crème-de-la crème of antivirus programs, Microsoft abnegated its responsibilities as a software company and settled for mediocrity.
But despite this flagrant blunder, Stewart maintains her position that this isn’t bad news. She told Dennis Technology Labs that quote:
Baseline does not equal bad. We provide a high-quality, high-performing service to our customers and if they choose not to buy [antivirus] on Windows 8… we want to get those people protected.
Stewart said Microsoft is redirecting its energies from building a strong AV platform and has shifted its attention to informing AV vendors about threats. She explained:
We’re providing all of that data and information to our partners so they can do at least as well as we are. The natural progression is that we will always be on the bottom of these tests. And honestly, if we are doing our job correctly, that’s what will happen.
Did you get that? Microsoft openly avows to being “on the bottom”? How many hapless users know this?
Stewart’s philosophy is to help AV software giants get better so the bad guys have a harder time exploiting vulnerabilities. It seems that she’s essentially saying that customers shouldn’t count on MSE or Defender as the sole antivirus solution
The more we can help them [antivirus vendors] differentiate themselves and give customers a good reason to pay for their products we know that that diversity is going to make it harder for the people who are our real competitors – the bad guys who are out there
But the irony in all this can be found on the Microsoft Security Essentials homepage. As of Friday, October 4th 2013, the MSE homepage makes MSE look like a top antivirus solution. You’ll see a surfeit of awards from top names like VirusBTN and Westcostlabs and gushy language about global recognition but you won’t read anything here about being a baseline…
Funny isn’t it?
Don’t count on Defender
So where does this leave millions of people around the world who trust Microsoft Security Essentials and Windows Defender to protect their systems? Well if you have a new Windows 8 computer with no antivirus protection then you should enable Defender with the understanding that this is only a temporary move until you find something better.
There are a few solid antivirus programs that you should purchase to make your computer impervious to common threats. PCMag published an article last month listing the best antivirus programs of 2013.
Both Bitdefender and Webroot received the coveted Editors Choice awards for best overall antivirus of 2013.
But quality doesn’t come free.
Bitdefender will set you back $50 and Webroot costs a cool $40 but in an age where solid virus protection is imperative; lacking indomitable an antivirus program is like leaving your house open for thieves. Securing your digital assets with antivirus software is just as important as securing your home with a burglar alarm.
If you’re short on cash you can still fare well with two of the best free antivirus programs on the planet:
These two antivirus solutions are perennial favorites among both home users and businesses and I highly recommend them. I use AVG on my personal laptop and haven’t had many problems with it.
The Bottom Line
I feel like Microsoft tricked the world into thinking Microsoft Security Essentials and Windows Defender were excellent antivirus programs. But as evidence from independent research firms like AV-test show, Microsoft’s integrated AV solutions are beset with problems. Furthermore, when Holly Stewart confessed the insufficiencies of Security Essentials today, it just galvanized my fear that creating antivirus software isn’t Microsoft’s forte. Microsoft has essentially given up on Microsoft Security Essentials and is completely out of the game.
My advise: don’t trust MSE to protect your computer from threats any more than you would trust your front fence to deter a band of criminals from raiding your home. Microsoft should be abashed…