ie8 fix
madison

Hardware 2.0

Adrian Kingsley-Hughes
Home / News & Blogs / Hardware 2.0

Will Microsoft Security Essentials (Morro) dent commercial antivirus sales?

By | June 18, 2009, 2:51pm PDT

Summary: Microsoft has finally lifted the lid on its free consumer security program called Microsoft Security Essentials, previously known by the codename Morro.

Microsoft has finally lifted the lid on its free consumer security program called Microsoft Security Essentials, previously known by the codename Morro.

Microsoft Security Essentials is a replacement to Live OneCare, which was a commercial (that is, paid for) product. Unlike Onecare, folks wanting protection from malware won’t need to get the credit card out once Microsoft Security Essentials is out. It won’t be the first free antivirus solution, but it will be made available to anyone running a genuine copy of Windows, and you can be sure that Microsoft will be pushing it hard.

There are a lot of unanswered questions relating to Microsoft Security Essentials, but the question that I’m interested in now is whether a free antivirus product that’s a few clicks away from millions of users running Windows on their home PCs. A question that will be on the lips of executives at security firms will be - Will people be renewing their annual AV subscription once Microsoft Security Essentials is available?

Other questions worth pondering:

  • Will price (or the lack of it) override quality?
  • Will Microsoft Security Essentials make us safer, or would a single dominant AV product make it a huge target for hackers?
  • Do people trust Microsoft enough to protect them from malware?

Kick off your day with ZDNet's daily e-mail newsletter. It's the freshest tech news and opinion, served hot. Get it.

More from “Hardware 2.0”

Topics

Antivirus, Microsoft Corp., Sales, Microsoft Security Essentials, Viruses And Worms, Security, Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology.

Disclosure

Adrian Kingsley-Hughes

All opinions expressed on Hardware 2.0 are those of Adrian Kingsley-Hughes. Every effort is made to ensure that the information posted is accurate. If you have any comments, queries or corrections, please contact Adrian via the email link here. Any possible conflicts of interest will be posted below. [Updated: February 23, 2010] - Adrian Kingsley-Hughes has no business relationships, affiliations, investments, or other actual/potential conflicts of interest relating to the content posted so far on this blog.

Biography

Adrian Kingsley-Hughes

Adrian Kingsley-Hughes is an internationally published technology author who has devoted over a decade to helping users get the most from technology -- whether that be by learning to program, building a PC from a pile of parts, or helping them get the most from their new MP3 player or digital camera.

Adrian has authored/co-authored technical books on a variety of topics, ranging from programming to building and maintaining PCs. His most recent books include "Build the Ultimate Custom PC", "Beginning Programming" and "The PC Doctor's Fix It Yourself Guide". He has also written training manuals that have been used by a number of Fortune 500 companies.

Adrian also runs a popular blog under the name The PC Doctor, where he covers a range of computer-related topics -- from security to repairing and upgrading.

Related Discussions on TechRepublic

Did you know you can take part in these discussions with your ZDNet membership?
Ask a Question Start a Discussion
71
Comments
Add Your Opinion

Join the conversation!

Just In

You're in Spynet regardless
Joe_Raby 29th Sep 2009
By default, it's set to "basic membership" which only collects information about scan results. The higher level membership allows you to give feedback on any detection.
View in thread
0 Votes
+ -
Microsoft doesn't conjure up "security" in my mind ...
RationalGuy 18th Jun 2009
... but Ed Bott has an interesting article describing a study that shows OneCare (and apparently Morro uses the same engine and definitions) scored among the top of the tested products.

That opened up the possibility for me to give it a try. Maybe this product will change my opinion.
0 Votes
+ -
OneCare...
GoodThings2Life 18th Jun 2009
The truth is that OneCare failed very early on for a very short period of time (in fact, only one or two months initially), and it has never looked back.

My only gripe against OneCare was that it was too "noisy" prompting for damn near every little thing. According to the reports, MSE is pretty much silent which is exactly the way it is meant to be.

Also, OneCare never caused system slowdowns the way most AV packages do. Chalk it up to the team having some better tie-ins being part of Microsoft or whatever you want, but what matters is that it works.

The sad part is-- for competitors-- there's not going to be anything they can do about it, because it's being offered freely as a choice that users must opt-in to get.
0 Votes
+ -
Spynet, not onecare
rtk 18th Jun 2009
caused the noise, you agreed to listen to the noise to help the community identify processes. "Membership" in spynet was not the default.

0 Votes
+ -
You're in Spynet regardless
Joe_Raby 29th Sep 2009
By default, it's set to "basic membership" which only collects information about scan results. The higher level membership allows you to give feedback on any detection.
0 Votes
+ -
One Care
bobgay 19th Jun 2009
your right it was too noisy, i was always fiddeling with it. But it had alot of good innovations, like hooking up 3 pc's. I think M$ knows more about virus's then anyone since they are always writing code to cover their back door. Now perhaps they are starting work on the front door. Think about it don't it make sense.
0 Votes
+ -
Perfect Timing . . .
jjworleyeoe 19th Jun 2009
dkawalec,

You are correct and a significant % of PC users
will take M$ up on this free product in this
economy. My gut tells me that M$ didn't want
OneCare to be too good. Now, they realize that
Windows needs a fully integrated security
suite. With Windows being such a HUGE security
target, why should the consumer be required to
pay for 3rd party security software? It makes
absolutely no sense. Moreover, it will give M$
the justification to not have to lower prices
quite so much as time passes. Finally, W7 will
easily be as good or better than Snow Leopard
in many critical categories. Consequently, with
an free, integrated security suite, the last
remaining FUD Apple has had will become much
less relevant. And, maybe M$ will surprise us
with a near $30 upgrade for W7 Premium.
0 Votes
+ -
Absolutely!
GoodThings2Life 18th Jun 2009
1) I have been recommending OneCare and AVG to users since 2005, depending on their circumstances. I can't wait to write off both of them with one unanimous choice in Security Essentials.

2) To its critics, I will remind you that OneCare only failed various performance tests ONCE, and it has since been among the top 3 performers since 2007. MSE uses the exact same engine which gives it a nice head start.

3) You certainly can't beat the price. In fact, depending on its licensing, I'm probably going to deploy it immediately in my business and replace the Trend Micro solution currently in use.
0 Votes
+ -
AVG is terrible
trance2tec 18th Jun 2009
AVG Free offers no rootkit protection, I wouldn't recommend it to any of my customers.

Avira is a substantially better product.
0 Votes
+ -
The free version maybe
jdbukis@... 18th Jun 2009
But the paid version of avira slows my webook to a crawl but AVG pro works fine on it.
And Avira only has about 2-3% better detection too.
0 Votes
+ -
Well
trance2tec 18th Jun 2009
I just don't trust AVG. It's a junk product.

Avira doesn't slow down any of my systems, but I'm not running it on any really slow computers either.

I'm hoping MSE stands the ******** tests because it's SUPER lightweight and a pretty kick ass program.
0 Votes
+ -
Avira is fantastic
IgnorantBugger 24th Jun 2009
I switched to Avira (from McAfee) about a year ago and enjoyed it's excellent protection without slowing my (older) machine to a crawl. If MSE can do the same I'll switch without hesitation...
0 Votes
+ -
AVG was awesome until 8 now just bloatware
Randalllind 19th Jun 2009
I loved AVG FREE Edition but, they ruin it with version 8. Now it just a big piece of bloatware crap.

I have switched to Avira FREE edition which has a nag screen to buy the pro but, you can disable that. It works just as good if not better then AVG 6 and 7 did.
0 Votes
+ -
Well, AVG is super.
dpant 25th Jun 2009
It is a bit unfair to blame AVG for something it never claimed to provide, isn't it? IMHO, AVG is fast, reliable, efficient and absolutely non obtrusive as far as resources consumption is concerned. It is a well known, well established AV solution, free for life. For what is worth, it greatly outnumbers other AVs' downloads in Download.com. If there is one thing I do not like it is the lack of extensive virus information in their online virus database. -dp-
0 Votes
+ -
It SHOULD dent security product sales
trance2tec 18th Jun 2009
Security software relies on operating system flaws... their entire business model is based on an OS developer to not properly secure their product.

Microsoft is now securing their product, which they should do- so security products become worthless.

We see this happen all the time, aTrackDog became worthless when Google started notifying users of application updates on Android. Junk email software is becoming worthless as services like AOL filter junk email already and Outlook/Thunderbird do the same.

The business model for security products is a weak one, they should be happy they have lasted as long as they have.
0 Votes
+ -
Wrong way of thinking.
nizuse 18th Jun 2009
The good way is to (a) recognize and accept that Windows is insecure by design; and then (b) fix that.
Alternative (the wrong way) is to let the crap continue, and slap an 'antivirus' band aid on it. In essence it's capitulation, and saying you don't know how to fix your product.
0 Votes
+ -
Windows by design
Cylon Centurion Updated - 18th Jun 2009
retains alot of legacy code to maintain backwards compatibility. There is your "broken by design" source. It is often that legacy code which is then targeted by the internet nasties that like to roam around.


Should Microsoft just up and decide to remove that code, you would see alot more compatibility issues than Vista did.

Have a look at Vista for example: It was the first time in a long time Microsoft updated the code base, because of that it is less susceptible to malware than it's older brother XP which was still using most of the old 9x/NT code. That is why Vista had the compatibility issues it did. That updated code broke alot of things...


Personally I believe we are seeing the start of Microsoft attempting to fight back on its own without the help of third party crapware. And frankly, I think they are doing a bang up job...
0 Votes
+ -
With the way Norton or McCaffee runs...
Cylon Centurion 18th Jun 2009
I wouldn't doubt it. Best of All its free, updates itself three times daily, once a month for core updates, and requires no subscription.


Just point me to the download!
0 Votes
+ -
Update Frequency
Tagamasid 22nd Jun 2009
I think Ed Bott might have said something about the update. If I read him correctly, MSE definitions will be udpated three times on the server daily, but are downloaded only once per day to users' PCs.

That said, let me in on the download link as well!
0 Votes
+ -
I will Try It
jpr75_z Updated - 18th Jun 2009
Heck, it is Free. It also uses the same scanning engine as MS's Forefront products, which are ICSA Labs certified. More than I can say for some mainstream pay-for AV products. The downside, like OneCare, is it will probably have very few configuration options. Once reason I dumped OneCare. But for the average family PC, it could be a serious competitor to the overly expensive and resource hogging Norton and McAffe products.
0 Votes
+ -
Anyone concerned with privacy?
Roger Ramjet 18th Jun 2009
Looking at how Morro works, it looks like it acts as a middleman between you and the internet. When you download, it intercepts it and virus-checks it BEFORE it gets to your computer. Seems to me that M$ gets all this information about who you are, what you're downloading, etc. That's information that I DON'T want M$ to have on me! Am I right here? Are you concerned?
0 Votes
+ -
What?
Cylon Centurion Updated - 19th Jun 2009
This isn't a cloud based service. Why would privacy be an issue?


Just tried it out myself, no data was sent from the PC.
0 Votes
+ -
Yes, i don't use Windows...
deaf_e_kate 19th Jun 2009
nt
0 Votes
+ -
Then, you've really nothing of value to add
rtk 19th Jun 2009
to a discussion about Morro or Windows.

Go find yourself a non-Windows community to assist, rather than pointlessly trolling Windows forums.
0 Votes
+ -
That was the rumor
LiquidLearner 19th Jun 2009
maybe you should actually go on the facts that have been recently released. MSE is a local client. It requires no registration or logon. Only a WGA check, which sends no personal information anyway. MSE has absolutely no personal information required to use it and it doesn't try to gather any.
0 Votes
+ -
Then you tell me
Roger Ramjet 25th Jun 2009
how Morro works. I think you are mistaken to think that it ONLY consists of a local client.
0 Votes
+ -
???
medezark@... 24th Jun 2009
But, that's how ALL anti-virus and firewall software works? However it's INBOUND information that's scanned, LOCALLY.
0 Votes
+ -
Not what I've heard
Roger Ramjet 25th Jun 2009
and read. Morro is "different" because the virus checking is done "in the cloud" - NOT on the client machine. If that is all it was, then there would not be such hoopla surrounding it.
0 Votes
+ -
You heard wrong
rtk Updated - 25th Jun 2009
probably read an article pointing to the original PC World blog post, which was nothing more than a guess on their part.

Morro works the same as Onecare, and all the other A/V softwares out there. Definitions are downloaded, scanning is done locally.
0 Votes
+ -
Well, the freetards gonna be complaining even if its free.
transposeIT 18th Jun 2009
No matter how good it is.
0 Votes
+ -
Your questions ... my answers
johnfenjackson@... 19th Jun 2009
"Will price (or the lack of it) override quality?"
Not initially ... but should MSE dominate like IE then future progress will likely be slow. (Beware monopoly.)

"Will Microsoft Security Essentials make us safer, or would a single dominant AV product make it a huge target for hackers?"
Like the windows OS you mean wink

"Do people trust Microsoft enough to protect them from malware?"
Only the sheep: others would require continual independent verification of the product's efficacy.

My question: if MSE starts to become dominant will the EU seek to limit its growth?
My answer: yes.
0 Votes
+ -
How will the EU do that
Cylon Centurion 19th Jun 2009
When they offer it has a free download only? The EU has no case...
0 Votes
+ -
a la IE
johnfenjackson@... 19th Jun 2009
NT
0 Votes
+ -
Two possibilities...
zkiwi 19th Jun 2009
1) If Microsoft bundle it with Windows, then I think the EC, and the US administration will at least look at it in terms of the proverbial "illegal leverage of a monopoly position."
2) If some bright spark could demonstrate that it was using "undocumented" OS hooks to work, or that it was "bolted to the OS" then they'd be in bigger trouble.

Why they're bothering with anti-virus is another thing. I think the money spent doing this could have been better spent on designing better, and doing a lot more on remediation rather than trying to block stuff from harming their product.
  • Flagged
0 Votes
+ -
They should not be allowed to have anything to do with AntiVirus
deaf_e_kate 19th Jun 2009
Hopefully the EU will see this as someone saying they wont break your window if you pay them insurance. racketeering or something
  • Flagged
0 Votes
+ -
Your handle is very descriptive....
wolf_z 19th Jun 2009
...of your logic.

You of course fall down with the word "pay". MSE is free. You can't do racketeering if you give it away.
0 Votes
+ -
Are you really that clueless?
No_Ax_to_Grind 19th Jun 2009
Never mind, not worth the time.
0 Votes
+ -
deaf_e_kate should not be allowed to have anything to do with forums
GuidingLight 23rd Jun 2009
as he has no understanding of what actually transpires here.

Go back to trolling at Sesame Street,
0 Votes
+ -
the potential for an OS manufacturer to have a leg up on the rest ...
valvestate@... 19th Jun 2009
...of the competition is too great to allow the OS manufacturer to do anything else. That contention has been long since glossed over at the expense of billions of dollars to the economy of fair and just people due to online identity theft, for which Windows' back door approach to writing it's bug ridden code is largely to blame for.

The fact that Morro is free (as in to download and not free for other companies to modify) doesn't mean that there isn't some dollar value in it for MicroSoft. If by honest means or by hook or by crook (the latter is laden with potential) Morro proves to be any sort of stalwart in the AV field, MicroSoft becomes a more trusted name in software. If it fails or does poorly MicroSoft isn't likely to loose many supporters for trying.
0 Votes
+ -
I don't think so
NoThomas 19th Jun 2009
My question: if MSE starts to become dominant will the EU seek to limit its growth?
My answer: yes.

The EU would only do that if MS did something really dumb like bundle\Tie it together so you could not run the OS without it. If MS keeps it totally seperate then I dont see an issue at all.

I remember when Livecare came out, people were saying how MS was trying to take over the Security idustry, that sure didnt happen.
0 Votes
+ -
MS has a real reason to be much better, others do not.
No_Ax_to_Grind 19th Jun 2009
It occures to me that Microsoft may be the only vendor out there that wants to end the virus and malware. I mean think about it, if viri and malware disappeared, the AV companies would be gone the next day. On the flip side, Microsoft wouild be dancing in the street.

0 Votes
+ -
But why dont they fix the OS then all these problems
deaf_e_kate 19th Jun 2009
go away..........

Seems the malware/virus writers seem to know more than MS.
0 Votes
+ -
Because the vast majority of malware today
Michael Kelly 19th Jun 2009
are trojan horses, which require user intervention to either escalate privileges or to merely execute the program.

MS has introduced UAC to warn users when a program wants to escalate privileges, and by default programs cannot execute with admin rights unless it goes through UAC. However MS cannot prevent a user who clicks through UAC either by accident or by ignorance, and it cannot prevent a user from disabling UAC. The same can be said of every OS and their equivalent security measures.

MS has also gone to greater lengths to prevent autoexecution of programs, although until users stop expecting programs to autoexecute it won't stop completely. And one thing MS could do to improve things is to include an execution bit the way UNIX programs do, rather than let the file extension dictate when and how a program gets executed.

But most malware is not something the OS can prevent because it either piggy-backs onto legitimate software that does need to execute, or the user simply was duped into installing it on their own. You can't fully prevent that, so you need an extra line of defense, a database of known malware that the system can check against to make sure it wasn't fooled into executing malware. That's what anti-virus is.
0 Votes
+ -
YES!
LiquidLearner 19th Jun 2009
There are very few remote exploits since the release of Vista that can infect your machine without user intervention and, so far, the ones found have been patched rather quickly. AV is to protect the user from themselves. When you go to download something and you think it is legit or you blindly click through, the AV can catch it before it does any damage. I wish more people understood that. Personally all companies should have gateway antivirus to scan all traffic coming in and out of the network as well as local virus software as an extra line of defense. Something fast and free is certainly a good choice for your second line of defense.
0 Votes
+ -
Because the issue is not the OS
No_Ax_to_Grind 19th Jun 2009
An OS simply runs the apps you tell it too. If you tell it to run unknown code that contains malware it runs it, after all you told it to.

The problem is that the hackers have become very good at social engineering to trick users into running the malware. Go to a web site that says you "need" to install code, a codec, a run time, etc. and most users do install it without thinking.

The only way to combat it is to identify the malware and block/remove it.
0 Votes
+ -
Because the issue is not the OS
amckenz@... 24th Jun 2009
Best answer I've seen all day!
0 Votes
+ -
Wrong
medezark@... 24th Jun 2009
Microsoft has worked dilegently to patch the holes in it's operating system, and continues to do so.

Current exploits of windows based machines running currently supported Windows OS (XP SP3, Vista, 7 Beta) aren't targetting (with very, very few exceptions) Microsoft's code and software.


They target significant security holes in third party applications, like ITunes, Adobe Acrobat, Flash, etc. Or they target the end user through social engineering.

But then again, as you stated in a previous post, you don't run windows. Why are you here again?
0 Votes
+ -
You ask good questions, here is what I think...
NoThomas 19th Jun 2009
"Will Microsoft Security Essentials (Morro) dent commercial antivirus sales?"
Consumer sales maybe some, but isnt MSE really targeted to upcoming markets where there is no antivirus installed anyways? Enterprise sales I dont see it making a dent at all. Companies like Enterprise tools and the control, MSE was designed for home use.

"Will people be renewing their annual AV subscription once Microsoft Security Essentials is available?" I would think so, people like what they know, if they like NAV or McAffee they will keep them till there is a reason to get rid of them.

"Will price (or the lack of it) override quality?" I would think not, a startup maybe but not with a company that has deep pockets like MS.

"Will Microsoft Security Essentials make us safer, or would a single dominant AV product make it a huge target for hackers?" Norton and McAffee are big targets now, of course if you are on top people will try to get around you. More so with MS, as hackers will advertise how easy it was for them to get around MS antivirus.

"Do people trust Microsoft enough to protect them from malware?" This is the question, I look at it like this, no one knows the OS better then MS, they should be able to block or get rid of the crapware better then anyone else. Time will tell though.

I am going to try it, for no other reason then its so small and has such a low footprint. Ed said it was what 3-4MB for the Vista versions and 7MB for the XP version. Thats incredibly small.

0 Votes
+ -
Depends on what you mean by "Sales"
wolf_z Updated - 19th Jun 2009
Personally, if Morro/MSE proves to be robust after the beta testing I'm certainly going to use it at work once my 3-year Bitdefender contract is up. Don't get me wrong, BitDefender is fairly low impact, very effective, and cheap ($6/year/seat) but if I can get an AV package for *free* then why shouldn't I?

Besides, with MS going all medievil on malware (which has been the thorn in Windows side for decades) I'm comfortable they'll get it right.

At home I use AVG-Free, but would use Morro/MSE there too. Who knows the OS and its weak spots better than the maker?

So BitDefender would lose sales, and AVG would lose a user--though not a sale since I didn't buy it. happy

Having said that, I agree if MSE is effective the AV industry as we know it is done--and good riddance!
0 Votes
+ -
wolf_z:
justanitguy 19th Jun 2009
Better check the licensing before you dump BitDefender; I think you are going to find that MSE will be free to private/home users, but not licensed to enterprise. That is, unless they later on decide to release a Corporate Edition (or some such); I don't believe that Microsoft would give away enterprise level software.
0 Votes
+ -
MS already have a corporate security suite called Forefront
de-void-21165590650301806002836337787023 19th Jun 2009
It is this suite's anti-malware scanning engine that is built into MSE.

However, you're right - MSE is only for personal use. If you want a decent anti-malware solution then Forefront or something else is your best bet as they'll offer heaps of management, enterprise alerting/reporting, controlled updates etc., that personal versions don't.

Join the conversation!

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]
ie8 fix
Click Here
ie8 fix

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources
ie8 fix
ie8 fix