Microsoft to deliver free antimalware next Tuesday
Microsoft Corp. today said it will release a public beta of its free antimalware software, now called Microsoft Security Essentials, formerly "Morro," next Tuesday for Windows XP, Vista and Windows 7.
Although Microsoft was vague about a final ship date -- saying only that it would wrap up sometime this year -- it was crystal clear that it will deny the program to PCs running counterfeit copies of Windows.
Microsoft pitched Security Essentials as a basic antivirus, antispyware program that boasts a simplistic interface and consumes less memory and disk space than commercial security suites like those from vendors such as Symantec Corp. and McAfee Inc.
"This is security you can trust," said Alan Packer, general manager of Microsoft's antimalware team, when asked to define how it differs from rivals, both free and not. "And it's easy to get and easy to use."
He stressed the Security Essentials' real-time protection over its scanning functions, which are both integral to any security software worth its weight. "Rather than scan and clean, which it also does, it's trying to keep you from being infected in the first place," Packer said.
One of its most interesting features is what Microsoft calls "Dynamic Signature Service," a back-and-forth communications link between a Security Essentials-equipped PC and Microsoft's servers.
If Security Essentials detects something suspicious, whether code or behavior, but can't pin either to a specific piece of malware, the software "phones home" to Microsoft servers to relay a short burst of information.
"If it sees something new, like a new binary, the client queries the back end," Packer said. "The server can then ask for a sample, which the client sends as a hash." At that point, if Microsoft has created a signature for the threat, that signature is immediately pushed to the PC. Security Essentials will ask the user's permission before sending a sample, Packer noted.
Security Essentials is the first Microsoft antimalware product to use Dynamic Signature, and the feature will be added early next year to the enterprise-grade Forefront line. "We actually identify [the things that trigger a 'phone home'] fairly loosely," Packer said. "We have a list of known good software, of course, but outside that, if a program is doing things like hooking Autostart points in the registry, or trying to kill other processes, Essential will query the servers."
Normally, signature updates are sent to Security Essentials daily via the Microsoft Update service, a superset of the better-known Windows Update.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
