Though I have not been directly involved with Morro (or any other anti-malware products), I am excited to see Morro (Microsoft Security Essentials, http://www.microsoft.com/security_essentials/) reach the next stage of development by releasing as a Beta package.
I personally think that Microsoft Security Essentials is a significant step forward in helping make the Internet a safer and more trusted experience for the average user. That may seem strange, given how long the industry has been around and given that there are already several free antivirus solutions available, for those that have even a slight technical interest in finding them.
I’ve shared my experience and opinion in the past about how the business anti-malware industry drives vendors to optimize towards businesses and away from consumers, so I won’t dig into that, but I do think there are some key points worth reviewing.
1. Barriers exist for “home user” protection. Unfortunately, many barriers to quality PC protection remain for consumers, both in mature and emerging markets where many threats originate. If you are the “free IT support” for your family and friends, then you already know what I’m talking about.
My Mom’s PC came bundled with trial security bundle where different components were fully enabled for some months, while other protections were partially enabled and yet other components required an upgrade to be enabled. Bottom line? Customers are confused by trials and annual subscription renewals, in many cases believing their PCs are covered when in fact their subscriptions have expired and they are not protected.
And also, let’s be frank, certain members of my family are just never going to pull the trigger on some of the online subscriptions that are available, even if they could figure out which ones are legitimate and which ones are actually disguised malware or unwanted software. And upgrades or updates? Please.
2. Threats continue to grow and evolve. E-mail threats continue to grow and evolved and since many of these are now blended threats involving web sites and some aspects of social engineering, they are even becoming more platform agnostic. By some measures, over 97% of e-mail messages sent over the Internet fall into the “unwanted” and unsolicited category.
Of course, since my Mom and yours are more aware of security issues than they were 10 years ago, malware developers have begun heavily leveraging “fake security software” and social techniques to target consumers and get them to voluntarily deploy their unwanted software. By providing an easy to find, easy to deploy solution from a known brand like Microsoft, Microsoft Security Essentials can help provide some basic, well, essentials to help fight this issue.
3. Too Many Users Need More Protection. Ultimately, the evolution of threats and the barriers for home users combine to create a situation where many users need more protection. This is not just a threat to those users, but represents a threat to the broader ecosystem when these systems are at risk of catching and spreading malware.
I’ve talked with the product teams about their driving principles and I think they are spot on for what home users need:
- Essential Features that are necessary to enable a safer and more trusted Internet experience.
- Real-time and scan detection and cleaning
- Live Kernel Behavior monitoring (leveraging technology acquired from Komoku)
- Improved anti-stealth functionality – (‘rootkit revealer’ style scanning)
- Rootkit removal
- Standalone boot scanning (boot to a preinstall environment to scan while completely inactive)
- Frequent Dynamic Signature updates
- Dynamic update capability (no wait for next “full signature” release)
- Heuristics with pre-execution program emulation
- Ability to quickly address false positives with the dynamic update capability
- Easy to Get, Easy to Use
- Will be easy to find from a trusted location on microsoft.com
- No cost, not trials or expirations
- Smart default configurations including a dark hours update schedule
- Daily updates
- Quiet Protection
- Lightweight design, tuned for performance
- CPU throtting
- Fewer interruptions – no “information only” UI, only when action is needed
- Deep and Broad Research Team
- Led by Vinny Gullotto (long time personal colleague back to our days at McAfee)
- One of the best, most experienced anti-malware research teams in the industry, built up by Vinny over the past few years. Truly, though Microsoft has been in this space a short while, the team members that Vinny has assembled have been helping make the Internet safer for pretty much forever.
Let me emphasize that this is just a Beta, so hopefully there will be warts. Yes, I say hopefully, because the purpose of a Beta is to get a lot of folks engaged to find those warts and report them so that they can be fixed before the product is released. Having said that, my next step is to install Morro on my home computers tonight and see if I can talk my Mom through installing it on her home machine 2000 miles away. Those two experiences should give me some great feedback that I can feed to the Microsoft Security Essentials team to help improve the Beta for final release. I’ll likely share those experiences with you here on the blog.
I also ask you to try it out and share your thoughts and feedback with me. I have a fair amount of product management experience and I’m happy to distill your various feedback down into some core requirements and then deliver it directly to the product team.
This is that latest in a series of steps over several years that I think is helping make tangible progress for making the Internet safer and more trusted for many users:
- Lots of security improvements in Windows XP SP2. Remember the days before pop-up protection was introduced into IE6 in XP SP2? Remember when you kept the personal firewall turned off?
- Windows Defender. Breaking ground for Essentials, Defender helped raise the bar even it it’s Beta stage.
- Defense-in-depth security features in Windows Vista and the upcoming Windows7. Say what you want about Windows, security researchers and data are showing that it raised the security bar.
Best regards ~ Jeff