November 09, 2010, 1:55 PM — Microsoft should start offering Windows users free antivirus software from a range of companies and not just promote its own Security Essentials product, a rival has said.
If it doesn't, Microsoft risks creating a security software monoculture that could still leave millions of PCs without adequate protection, or so comments Panda Security's Lab chief, Pedro Bustamente in a sharply-worded blog.
Microsoft started offering the free antivirus program in 2009, since when it has gained in popularity to the extent that is now runs on more than 31 million PCs worldwide, the company said a month ago. The software has since also been released for SMEs.
[ Counterpoint: ITworld's Kevin Fogarty comes to the defense of Microsoft Security Essentials. ]
Panda Security is among a small but growing number of security companies offering a similar free antivirus product without strings, but the success of the Microsoft brand has clearly created some concern. Post-Security Essentials, basic antivirus is becoming a free class of software thanks to the power of Redmond's brand steamroller.
At least one other company, Trend Micro, has also complained that Microsoft is now also promoting Security Essentials using the Microsoft Update Service (which is distinct from Windows Update).
In Bustamente's view, Security Essentials' first limitation is that it can only be downloaded by licensed users of Windows. The large population of non-licensed Windows users will never be able to use the software.
"The reality is that the measure will have little impact as millions and millions of unlicensed Windows PCs will continue spreading viruses and infecting the rest of us," says Bustamente.
For purely pragmatic reasons, Microsoft should disconnect its licensing policy from Security Essentials.
A second issue is that pushing the software through Microsoft Update will succeed in creating a security monoculture.
"Right now hackers have to worry about bypassing multiple antivirus products and protection layers every time they release a new piece of malware. Having to bypass only one AV product makes their life so much easier."
Microsoft probably can't win, whatever it does. As the OS vendor, it is the only company able to push some kind of security software on undefended but licensed PCs using its updating systems, which many see as a basic responsibility. Poorly defended PCs create problems for the Internet as a whole.