Well, this was to be expected: an anti-virus company complaining that Microsoft’s Security Essentials – by far the best anti-virus tool for Windows – is anti-competitive. Microsoft recently began offering MSE as an optional download via the optional Microsoft Update service (which is not Windows Update), and Trend Micro (a patent troll) is going into boo-hoo mode over it.
Trend Micro is one of those companies which sells those awful anti-virus tools you were almost forced to use back in dark and cold days of Windows XP, that dreadful operating system Microsoft used to sell before they finally released a decent operating system with Windows 7 (yes, I always disliked Windows XP with a passion – what gave it away?)
In recent times, however, Microsoft released the wonderfully lightweight and remarkably unobtrusive Microsoft Security Essentials, an anti-malware and anti-virus tool which runs on Windows XP, Vista, and Windows 7. MSE always gets out of your way, has a small footprint, and you simply won’t notice its there. It’s so good, it has rendered those old, parasitic dinosaur programs from companies like Trend Micro obsolete.
And now, Microsoft has started offering MSE as an optional download via its optional Microsoft Update service. Note how Microsoft Update is a voluntary opt-in service whose sole function is to provide updates to more than just Windows (Office, for instance). In addition, MSE is not offered at all if another anti-virus tool (one of the crap ones) is already installed.
Trend Micro still went all boo-hoo to CNet, though. “Commercializing Windows Update to distribute other software applications raises significant questions about unfair competition,” Carol Carpenter, general manager of the consumer and small business group at Trend Micro, told CNet, “Windows Update is a de facto extension of Windows, so to begin delivering software tied to updates has us concerned. Windows Update is not a choice for users, and we believe it should not be used this way.”
This Trend Micro person doesn’t have a clue what she’s talking about, obviously. First, she fails to understand the difference between Microsoft Update (opt-in) and Windows Update (default). Second, she fails to mention the optional nature of MSE through Microsoft Update. Third, she fails to mention that if another security tool is already present, MSE will not be offered at all. Fourth, she works for a security vendor.
Of particular note here is that Trend Micro is currently in a software patent lawsuit with Barracuda Networks for its use of ClamAV; Trend Micro claims ClamAV violates one of its patents. In other words, not only is Trend Micro wrong, they’re also a patent troll.
I wish I had something insightful to add, but I felt like posting my total agreement with this assessment.
I don’t see this as Microsoft doing anything bad here and just have to laugh at the folks crying about it.
I agree. I can add that, like the article says, Microsoft Security Essentials *is* the best IMO… which is ironic in a way because, hey, it’s Microsoft… it seems like every other design decision they make is braindead and/or outright against the wishes of the average computer user. On the other hand, no one knows Windows and all of its holes better than its creator. Either way, although I don’t use Windows anymore, I have recommended MSE pretty much ever since it came out. It’s cleaner and stays out of the way, and if you’ve got 512+MB RAM, it does pretty decent at resource usage.
On the other hand, I read years and years ago (in the XP days) that Trend Micro’s AV was the “best” or the “most accurate” or something. Whether it was or not, I don’t know, but you can’t beat Microsoft’s FREE offering IMO. Yeah, yeah… okay–in the act of buying and using Windows, you’re probably still paying for it somehow anyway… but still, they could’ve easily charged for it. IMO security software (AKA anti-virus in Windows) is something that should be packaged to begin with into the operating system… but the these worthless AV companies, that has antitrust written all over it. If only history worked differently, and Windows had antivirus software built-in well before the antitrust lawsuit.
I used to think of Trend Microsoft as better than McAfee and Symantec… but now with their bitching about patents over ClamAV, they can go f*** themselves. Wishmaster 2-style.
Edited 2010-11-06 03:29 UTC
Possibly a stupid question, but if Microsoft can make software that adequately compensates for Windows’ security flaws… Why not make an OS that didn’t have those flaws to begin with?
Presumably the majority of flaws are not in the OS, but in what the user actively chooses to run.
And with how many millions of lines of code from probably thousands of programmers, there will always be vulnerabilities in every OS…. well, except for OpenBSD
Because that would break backwards compatibility?
by far the best anti-virus tool for Windows
Here is another comparison chart: http://www.matousec.com/projects/proactive-security-challenge/resul…
For the record, I use Avira with real time off….only scan on demand when downloading files.
Edited 2010-11-06 00:48 UTC
MSE is “good enough” as a security tool, while being the best in the the “don’t harass the user” department. That alone convinced me.
PS: actually, I use GNU/Linux and home and at work, so It doesn’t affect me much. 🙂
Which only prooves what MS has been really good at for a long time: catching users that don’t have the time, con’t care enough, don’t know better, or just don’t want to deal with other apps in order to look for alternatives. With MSE they did good, since they managed to gather a user based even though there are a lot of very good free alternatives, sometimes with more capabilities. Just as a note: “good enough” with a low level of “harassment”, there are quite some nice ones out there.
Your first link points to a study over a year old.
Your second link for some reason points to the Windows XP study rather than the Windows 7 one; I couldn’t care less about XP today, and MSE is indeed “certified” for Windows 7 by those that ran that study.
Your third link, judging from the dates of the comments, refers to a study from March 2008.
Edited 2010-11-06 00:52 UTC
Didn’t pay attention to the dates, I give you credit for that
It would be interesting to see a retest.
On-demand file scans are generally considered to be an OS agnostic task, meaning detection rates should not differ.
I have a hard time agreeing that MSE is the overall “best.” Yes it has decent detection rates, but it is definitely not the fastest scanner out there. Quite the opposite. The free price makes the speed tolerable though.
http://www.av-comparatives.org/images/stories/test/ondret/avc_od_au…
Total detection rates:
1. G DATA 99.9%
2. Trustport, AVIRA 99.8%
3. McAfee 99.4%
4. Avast, Bitdefender 99.3%
5. F-Secure, eScan, Panda 99.2%
6. Symantec 98.7%
7. ESET 98.6%
8. AVG, Kaspersky 98.3%
9. PC Tools 98.1%
10. Microsoft 97.6%
11. Sophos 96.8%
12. Norman, K7 96.6%
13. Trend Micro 90.3%
14. Kingsoft 80.1%
Better than Trend Micro tho’.
Yeah, but still worse than all the other free scanners.
Edited 2010-11-07 11:08 UTC
Let’s not bicker over who killed who!
Yes, but there are other aspects to the results, such as “false positives” where MSE was better than most. It has also been said in forums that the stuff being scanned, some of it dates back to the mid-90’s. While MSE has nothing to be ashamed of for a 97.6% score, I might even suggest that they are trying to make it balanced with performance and also possibly trying to concern themselves with the most modern and typical style of viruses prevalent today.
I was, however disappointed with the middle-of-the-road scripts protection. That was their lowest score at 88.1%.
Do those tests take into account how crap like McAfee and such take over your computer, infesting every corner of it with pop-ups and other annoyances?
If not – fail.
Do those tests take into account how crap like McAfee and such take over your computer, infesting every corner of it with pop-ups and other annoyances?
You know very well that such things do not belong in a test about the engine accuracy. They belong in a review of the software, or something similar.
Yes, I know how horrible McAfee is: I’ve had to several times fix computers with McAfee or Norton installed on them, and it’s the anti-virus that has been the cause of slowdowns and crashes, and in one case even filesystem corruption, and all the issues went away after removing the anti-virus in question (Of course with the exception of filesystem corruption which required more work), and most likely anyone who’s had to repair computers with them installed has similar experiences.
But you could still leave two sentences long flamebaits out of here and grow up a bit.
Hum, I don’t see Comodo there… I’m using their Security Suit. It’s pretty lightweight and it found threats that AVG didn’t found too. There’s other using it?
Yes, nice catch! Windows 7 – Yes
Also, something that should be called into question is the “quality” of the test cases. And a 1-5 scale? I prefer av-comparitives.org scoring… altho’ the question of the test cases still exists.
I just got some woman pulling her hair out on that page… kinda ironic really.
🙂
MSE Best AV – well thats contentious, it certainly doesn’t nag the user to death, slow the box down to a miserable crawl like some well known AVs and seems reasonably effective.
But best – well MSE has been tested on Virus Bulletin 3 time and fail the 100% once – NOD32 has been tested 64 times and fail 3 last fail in 2002.
http://www.virusbtn.com/vb100/archive/results?display=summary
Best Mmmm?
You know of course, that that in itself doesn’t proove much, right ?
It’s a typical tiger repellent stone example. Anyway, many accept it as good enough, which is hard to argue, since one’s good is not the same as others’ good 
Yes agreed, I don’t use MSE but pay for a solution, however, if you don’t pay for an AV then MSE will be a lot better than nothing. Whether that is good enough time will tell and it will also depend on you level of computing stupidity, promiscuity etc.
Unfortunately here (in Lesotho) even if its very good it wont make much impact on the virus problem as few computer owners have internet to update MSE and about 90% of Desktop owners use pirate copies of Windows that don’t pass the genuine advantage test and so can’t have MSE anyway.
Microsoft already has their malware removal tool that gets sent out once a month in an update and removes root kits, key loggers, etc with little problem.
MSE is better than others at getting out of the way, and I have a bit more faith in it as far as dealing with things like Smitfraud….but with all of the good, it still irks me when my system starts freezing, and I look in Taskmanager to se MsMpEng sucking up 99% CPU.
It doesn’t happen often, and just about never on my Win7 machine….but my Core2 Duo at work running XP… no good.
Unfortunately, my experience has been less than positive on my Windows 7 system. It always gets the fan going pretty quickly, and causes major system lag. Granted I don’t have a super high spec system, but it’s more than enough to be able to run 7 and all the applications I need… oh, and it runs Avast just fine. So, while I agree with the assessment of Trendmicro, I don’t have a positive experience with MSE and so certainly can’t agree that it’s the best security tool on Windows.
I’ve been running MSE on an Atom 330 laptop with Windows 7 (Asus 1201N) and I can say I don’t notice any real difference in performance after I installed it. The system itself is not speedy, but with the ION graphics it actually runs some games better than it does some office apps. But it does what I need it to do so I don’t complain much. :p
What are they going to argue? That it is in the best interest of consumers for MS not to do this? Don’t improve security to protect trend micro? Botnets send out spam to everyone, this is an issue that affects us all.
They are probably going to argue that if Microsoft Update doesn’t find an anti-virus in the system, it should show the user a selection of anti-virus choices. You know, like the browser ballot in EU computers.
Haha that is so probable! I won’t be surprised if it does happen.
Edited 2010-11-06 07:12 UTC
Make sure you include Opera in the Ballot screen.
I would hardly call Trend Micro a patent troll. They actually have released products in the domain in question for quite some time. That would be like calling Apple or Microsoft patent trolls. We could call these companies many things, but they don’t exist solely to litigate patent suits or licence patents (which is how I would define “patent troll”).
That said, Trend Micro certainly haven’t earned themselves many friends lately.
I would mod you up, but I want to add to what you said… It is counter-productive to call a company like this a patent troll, because it dilutes the definition of the term to the point that it doesn’t mean anything anymore. If Trend Micro is a patent troll than virtually every software company on earth who has ever been granted a patent and filed suit at some point is one…
I am violently opposed to the practice of patent trolling. A patent troll is a company that produces nothing, files for and/or acquires obvious patents and then silently waits for an actual functional business to implement their now patented idea and sues the crap out of them for their trouble.
Trend Micro is NOT a patent troll. They make stuff. The stuff they make may be pretty crappy, you may hate their product (hell I hate their product), etc. etc., but they do make something.
The term should be reserved for the vile, filthy, cowardly, scum-of-the-earth, no-talent, useless assholes that truly deserve the title.
To these two excellent points I would like to add that I can certainly see why Trends might be miffed about MSE although applying the term antitrust is probably not correct. This is actually more like unfair competition and price dumping, MS is more or less dumping a new product into an existing market and using profits from other products to cover their losses.
I’m not saying Trends is necessarily right but I can see why this behavior would upset them.
I also hate their products too btw, but making crap products isn’t against the law.
This is actually more like unfair competition and price dumping, MS is more or less dumping a new product into an existing market and using profits from other products to cover their losses.
MSE is not a new product, it has existed already for quite some time. So none of this applies.
Which still doesn’t make Trend Micro’s complaint something I can agree with. People have been paying for Yahoo Mail plus before GMail arrived. People have been paying for IntelliJ IDEA before Eclipse surfaced (having reportedly cost $40 million to IBM). And these are probably not the sole examples but my mind can’t find another valid one right now. The whole h.264 and WebM? Google has “given” web users several good free products that are not search-centric. I bet some of these markets had vendors (of non-free solutions/products) that were already established. Best example, Linux vs Windows…
Big players “dumping” markets looks like a fact of life. Businesses should just learn to deal with it, either by establishing a monopoly and trying to crush the competition, or by releasing products better than the competition. I won’t feel sorry for Trend Micro, and that’s not just because I use Avira. Imagine if people using MSE were left “in the dark” just to protect AV companies’ bottom line.
I switched to MSE when it came out and I tell everyone to switch to it
Edited 2010-11-06 06:30 UTC
Sir, your arguments just convinced me. Not.
You had me going up until the “Not.”
Not everything on the interwebs is an argument.
Yes it is.
So Microsoft is “the best” and Trend Micro are a bunch of cry baby patent trolls?
I didn’t even read the rest of the article. I couldn’t take it seriously after that.
But I will say one thing: regardless of Trend Micro’s reputation, be it positive or negative, nothing, AND OH I DO MEAN NOTHING, could ever convince me to trust Microsoft with anything remotely related to security, considering its absolutely abysmal reputation in this regard.
Cheers.
You’re trolling, please develop? In the consumer market, MS has the largest footprint by far, making them the prime target for any security expert. Over the years they developped alot of inherent security mechanisms in the system while mounting what is probably one of the best threat-response workflow of every desktop OS company. They were bad years ago but please provide substantial results on why they didn’t improve in the recent years?
Sure, they’re not OpenBSD, but their market is quite different and has different needs. I’m all for a good MS bashing but security since vista/7 has improved by leaps. After that, it’s not really their fault people are stupid, dl random exe from porn sites, disable UAC and the likes.
This is a good point. It would be interesting to how well OpenBSD would fair with the same desktop exposure as Windows. It most certainly would do much better than Windows, but I’m sure that level of exposure to the world would open up some problems.
I would choose MSE over Trend Micro anytime.
To be totally honest, I don’t really like MS, but they did a damn fine job with Windows 7, and as far as them supplying their own antivirus software …… Well, who better then them, It is in the companies best interest to keep it’s operating system secure. It makes them look better and secures it’s customer base.
If another company can do better, they will win out (at least on the corporate level) which is where most of these security companies make their money anyway.
So really, what’s there to complain about? It’s not that bad by any means so that’s two bonuses. I’ve installed it on a couple of people’s computers and no complaints so far (it’s been a year or so).
I have a problem with all thoses tests on AV.
As I am not a security expert, I can’t judge the value of them.
Don’t you feel weird that every time a chart is publish there is always one with 100% ?
It remind me Graphic Cards tests.
Edited 2010-11-06 19:51 UTC
I fail to see where Windows 7 is any better than other versions of Microsoft’s defective spyware…
Seems the update process still knocks systems down, and the update processor is taken down by Microsoft so the users that updated are stuck with ‘screwed’ systems…
and the ‘Black Hat’ crackers and hackers are still adequately cracking and hacking the various versions of the OS and other software supplied…
Keeping up with security in Microsoft, is still a trial and error set up.
Denigrating companies trying to make it easier and safer than Microsoft does is not the way to go.
I note, you don’t denigrate Microsoft for the trencherman’s plate of inadequately secure and developed software.
Edited 2010-11-06 20:59 UTC
I agree with you on this. MSE is the best tool when it comes to fast scans, unobtrusive behavior and performance. You will hardly know that it is installed.
However, best does not always mean most effective. I have been installing MSE on systems since it was first introduced. Going so far as to supplant AVG, Avira, Norton and Mcafee on most of my clients systems. Then the support calls came. It seems that quite a few fake Anti-virus programs make it right through MSE. Ahh but all the others failed to catch them too.
Malwarebytes did prevent most of them, provided you pay the one time fee of $25 to get the real-time protection.
So for some things, MSE is not entirely effective. However they did a major update to the MSE client recently and I have been hearing of less things that are getting through, so hopefully the continue to make progress here. On any system I setup I always install Malwarebytes in addition to MSE, if the client does not want to pay the $25 fee for MB. Even the free version of MB is a great removal tool for these nasties.
I wonder if the American government is going to step into this. Their is so many unprotected computers serving as botnets out there that automatically securing them through an update could be in the interest of national security. I guess it sound a little extreme but it is possible.
Question: Would Microsoft be able to change their licensing agreement with the next version for eventualities like this? I mean apple dont have trouble loading Mac OS with all wonderfull add ons like ilife coming as default.
Windows itself could be so much better and a richer experience if Microsoft can make these additions add without being sued all the time.
As a full time Linux user, I don’t worry too much about anti virus software, but recently I installed MSE on a relatives computer (who does not have a broad knowledge of computers) via Windows Update and I find it to be a good program that does not pester you too much but gets the job done–to an extent.
Basically, if you treat your Windows install with care, MSE will help you ensure it is secure. For example, the PC I installed it on has been in use for a year, and MSE was able to detect 6 potential exploits and deal with them accordingly.
I appreciate Microsoft finally making anti virus software built with a insider knowledge of Windows–after all, they made it. Now I hope more people will not have to worry about the annoying nightmares we call Symantec, Norton, etc.
Good luck and safe computing to all!
aust77
The problem is not the six potential Windows exploits that you encountered which MSE successfully dealt with, but rather the unknown number (it might be zero if you are lucky) which you encountered that MSE did not successfully deal with, and which perhaps are now effectively installed on your system and hidden from view so that MSE cannot see them (even if MSE receives a database update it stiil may not see them).
After-the-fact security, such as any anti-malware scanner programmer such as MSE relies on, is doomed to fail in the face of ever-increasing numbers of malware threats. In a year, you say your own PC encountered (at least) six such threats. There were reportedly two million new pieces of malware written for Windows just this last year alone.
Every Windows PC connected to the Internet will encounter new malware threats at an ever-increasing rate. No after-the-fact anti-malware scanner can possibly keep up. Even if the successfult detection rate is a high as 95% (which is pretty good), that means that one is likely to encounter a threat that is not detected once in every twenty exposures.
I’d estimate that the avearge un-infected lifetime of a Windows PC connected to the Internet and used for browsing etc, even one protected by anti-malware such as MSE, is currently down to about 12 months or so. Maybe even less. Given the ever-increasing sheer volume of malware out there, this is only ever going to come down.
So when you say it actually works … Hmmmm. I don’t think so. It can’t work IMO, no matter how well it performs, because of the nature of the problem it tries to address.
This is surely a losing battle if ever their was one.
Have you got any facts to back up your claims about a Windows 7 PC will be most likely infected after 12 months??
MSE or anti-virus program are the last line of defence. Not exposing yourself to risk in the first place, and keeping the your internet enabled programs and operating system up-2-date are preferrable.
Windows 7 regularly updates the default browser and the operating system and does it silently in the background. All the major browsers that run on Windows automatically keep themselves patched, and the firewall is turned on by default. Also the user is not running as root until prompted by UAC. How is this any worse than Linux or Mac OSX?
Lets not forget that the other major Desktop Operating system MacOSX comes with the firewall disabled as <a href=”http://www.macobserver.com/tmo/article/snow_leopard_enabling_the_bu….
Well basically everthing you’ve said applys to all PC’s and operating systems. I think 3rd party software is always going to make user data (the stuff that’s important) vunerable. Basically there is a metric ton of $#!+ that users install on purpose.
Also, if you have 6 exposures per year and need 20 encounters to find the 1 that’s not dealt with, your closer to the 3 year range, not 12 months. Which sounds closer to realistic to me.
Not at all. Only Windows systems face the threat of two million new viruses this year. Because there are so many threats against Windows, the result is that almost any Internet-connected Windows machine will encounter malware threats. The OP said that his Windows system had encountered six that MSE dealt with in a year, and there were an unknown number that MSE did not deal with. The rate at which one encounters malware threats depends on: (1) primarily, if you run Windows, (2) how you use the Internet, (3) how much you use the Internet, and (4) what country you reside in.
Some recent information form Ars:
http://arstechnica.com/security/news/2010/11/fighting-botnets-befor…
Note the text:
So what about that comment? Well, Ars is pointing out ONE threat against Macs, and it is noteworthy because it is unusual, but there are two million new malware threats against Windows systems just this last year alone.
Ergo: the threat against windows systems is many orders of magnitude higher (perhaps even six orders of magnitude) than against other OSes. You are a million times more likely to encounter a malware threat against your system, if you run Windows.
To put this in perspective: if your Windows system encounters six malware threats viable against it within a year, with the same Internet usage it would have taken a million years for you to encounter that many threats if you had used a Mac instead. Probably even longer if you had used Linux.
This (trojan malware) is indeed a problem. The ONLY viable mitigation against this, that I can see, is for users to adopt a self-imposed policy that they install only software that is able to be independently vetted by people who did not write the software and who are commercially independent of those who did write it. This policy paradigm is not viable on any desktop system apart from Linux.
It is just a guess. We don’t know how much the OP used the Internet, and how careful/savvy he/she was, but being an OSNews poster I would suggest places that person in a class prudent enough to be less likely to encounter malware threats (through caution) than normal users. BTW, there were six exposures that the OP knew about and an unknown number that the OP did not know about. Your guess assumes the second number to be zero. Mine doesn’t.
Edited 2010-11-08 23:41 UTC
The idea of MS offering an av program somewhat defeats the point, if this becomes widespread enough then malware will just assume its installed and include code to bypass it and then your back to square 1.
While it’s commendable MS are trying to do something about some of the mess they’ve caused, this is probably the wrong approach. It has always been simple for malware authors to modify their warez to bypass any detection schemes, and any serious malware spread does exactly that on a regular basis.
A much better plan is to ensure the malware never gets to the end user in the first place. Now like it or not, general purpose computers are completely unsuitable for the average guy on the street, a locked down model like the iphone actually works a lot better. The idea of users who have no clue how their computer works, downloading and executing files from arbitrary sites is utterly ridiculous.
There should be a minimum level of technical competence required before your allowed to connect to a public network other than using a device managed by someone else.
Are you aware that is why the release updates to AntiVirus programs??
Will some anti-malware company have a whinge that MS is patching zero day flaws to help stop malware.
Whilst there are times when anti-competition laws should be invoked this is not one of them.
For years companies were pumping out scareware to make money. Is it any surprise that a company that does not have the same motivation would make a better overall product?
How is it anti-competitive, they are making a product available(free to download and not installed by default). They are not making it more difficult for users to install an alternate choice. I think Trend is concerned that a user base that thinks Windows is the only OS choice out there will think everything from M$ is the best….Trend stop crying and use that marketing department!
I’m actually surprised to see so much vitriol directed at Trend Micro. Microsoft has distributed a free, highly-integrated product that performs a task that is (arguably, at least) not a system task, and that competes with existing, third-party products. We should all remember that they’ve done that before, and that the consequences for everyone where significant.
It’s difficult to compete with free, especially if free is platform-integrated to a degree that you’re not. If third-party software manufacturers leave the market, and Microsoft faces no competition, they will stop trying. And this will be bad for everyone.