Skip the navigation

Microsoft to deliver free antimalware

Will deny beta of Microsoft Security Essentials, formerly 'Morro,' to users running counterfeit Windows

June 18, 2009 04:03 PM ET

Computerworld - Microsoft Corp. today said it will release a public beta of its free antimalware software, now called Microsoft Security Essentials, formerly "Morro," next Tuesday for Windows XP, Vista and Windows 7.

Although Microsoft was vague about a final ship date -- saying only that it would wrap up sometime this year -- it was crystal clear that it will deny the program to PCs running counterfeit copies of Windows.

Microsoft pitched Security Essentials as a basic antivirus, antispyware program that boasts a simplistic interface and consumes less memory and disk space than commercial security suites like those from vendors such as Symantec Corp. and McAfee Inc.

"This is security you can trust," said Alan Packer, general manager of Microsoft's antimalware team, when asked to define how it differs from rivals, both free and not. "And it's easy to get and easy to use."

He stressed Security Essentials' real-time protection over its scanning functions, but both are integral to any security software worth its weight. "Rather than scan and clean, which it also does, it's trying to keep you from being infected in the first place," Packer said.

One of its most interesting features is what Microsoft calls Dynamic Signature Service, a back-and-forth communications link between a Security Essentials-equipped PC and Microsoft's servers.

If Security Essentials detects something suspicious, whether code or behavior, but can't pin either to a specific piece of malware, the software "phones home" to Microsoft servers to relay a short burst of information.

"If it sees something new, like a new binary, the client queries the back end," Packer said. "The server can then ask for a sample, which the client sends as a hash." At that point, if Microsoft has created a signature for the threat, that signature is immediately pushed to the PC. Security Essentials will ask the user's permission before sending a sample, Packer noted.

Security Essentials is the first Microsoft antimalware product to use Dynamic Signature, and the feature will be added early next year to the enterprise-grade Forefront line. "We actually identify [the things that trigger a 'phone home'] fairly loosely," Packer said. "We have a list of known good software, of course, but outside that, if a program is doing things like hooking Autostart points in the registry, or trying to kill other processes, Essential will query the servers."

Normally, signature updates are sent to Security Essentials daily via the Microsoft Update service, a superset of the better-known Windows Update.

In late 2008, this software, then code-named Morro, was described as the replacement for Windows Live OneCare, the for-a-fee security software that will be put to pasture at the end of this month. OneCare was never able to gain more than a toehold in the consumer security software market.



Our Commenting Policies
Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!