For a while now I’ve been listening to security experts tout the next big anti-virus program for Windows, a tool called Security Essentials. The only problem that I could see is that it was made by- um – Microsoft. Not a company with a track record for excellence especially in the area of malware defense. Actually the lack of security in Window’s PCs is the biggest reason the internet is so inundated with spyware and trojans and spambots. There have been a couple of bright spots, well one- the Windows Firewall which keeps user’s files from being seen/changed by others it only took a couple of service packs to get that turned on by default. And, they do put out patches and security updates once a month. (what if they have a fix the day after? Yes, you have to wait till next month)

However, it looks like a new day dawning for the company formerly owned by Bill. They’ve come closer than ever before to an actual operating system with Windows7 and now they have what looks to be a great Anti-virus solution. It is full featured, free anti-virus, anti-malware, auto-updating software. I’ve installed it on 3 PCs, 2XP and 1 Win7beta and it hasn’t gotten in the way yet. I have it running at a couple of client locations and haven’t had any new infections reported or reports that it is bugging the client every few minutes.

Supposedly the scan is much deeper (the initial and weekly deep scans take for-flippin-ever) and as a result returns fewer false positives than with other faster scanning solutions (avast, kaspersky in my experience). All in all, I’m hopeful that this is the product that should have always been in Windows, but I’m glad that it is here now, and freely available.

That having been said my biggest problem with Microsoft and its security policies is that to install Security Essentials or any of the security patches you have to validate your install of Windows. That’s fine for all the legitimate installs but the problem is that the majority of bots and internet attacks come from illegitimate installs of Windows. The internet, your PC, and all other computers for that matter would be safer if Microsoft pushed the security patches to all Windows users- legal or not, and made the bootleggers validate for features. Actually I think the installation should be validated before any functionality is turned on making it nearly impossible to bootleg a copy of windows at all.

Regardless Security Essentials looks to be a great product and if you aren’t protected or are at the end of your subscription, I would cancel and try http://microsoft.com/security_essentials

Be Safe Out There

Bert Boan is a tech blogger at http://bertboan.com and rarely ever has an original thought. The opinions expressed in this post were shaped by the Security Now podcast with Steve Gibson and Leo Laportte.