| By Fred Langa |
Malware researchers are now finding the same kinds of Microsoft Security Essentials problems reported earlier in Windows Secrets.
Clearly, MSE is far from perfect. Should you dump it? Let’s sort out the facts.
Mediocre scores prompt debate over keeping MSE
Charlie Vanderford was disturbed to read about Microsoft Security Essentials’ performance in a noted AV lab’s tests, reported in another publication.
- “Hi, Fred. I have been one of your readers since day one, so I feel compelled to write about this subject. I’d appreciate it if you could get someone at Microsoft to fix this problem with MSE; otherwise, I’ll recommend to everyone in my computer user group to uninstall this product.”
For example, one of MSE’s lowest Protection scores is in the area of Web or e-mail threats — exactly what I found and reported in the April 7 Top Story on the Liza Moon infection and in follow-up reader comments in the April 28 LangaList Plus column. (The links are intentionally left out; see why in the May 5 Windows Secrets Introduction.) Both articles detailed how Microsoft Security Essentials failed to block this Web-based malware. It was disappointing that MSE did not catch it.
But as I reported, malware like this often depends on user error. For example, before Liza Moon runs, users have to click four separate times past various Windows security prompts and dialog boxes. Users have plenty of opportunties to avoid infection. So, although I can’t argue with AV-Test’s MSE scores in this area, I do disagree with the importance they give it.
Similarly, I just can’t get worked up about their low ranking for MSE’s handling of zero-day threats, which is malware so new there’s not yet any standard protection. Yes, zero-day threats are real; it’s one reason why columns such as Susan Bradley’s “Patch Watch” and Robert Vamosi’s “In the Wild” are so valuable.