Microsoft Security Essentials review

13 Oct 2009

Far from a comprehensive security suite, but it's free, simple, light - and impressively effective


It's called Microsoft Security Essentials - and it really means bare essentials. Not that we expected the moon on a stick, considering the package and updates are completely free, but next to commercial security suites the feature set looks laughably thin. There's no firewall, no web protection, no email scanner and precious few user settings.

But although malware can arrive from many directions, it almost invariably works by dropping a malicious executable onto your PC, and that's where Security Essentials focuses. It examines files on access to intercept malware before it can launch, and for extra security it will also run more extensive scans to a user-defined schedule.

It's the oldest approach in the book, but it should cut off most attacks so long as the malware database is up to scratch. And, happily, in our tests Security Essentials picked up 96% of our sample malware, putting it on a par with respectable commercial packages such as F-Secure Internet Security 2010.

Thanks to Security Essentials' limited remit it's very simple to use, presenting only a clean four-tabbed window and a system tray icon. And it has relatively little impact on your system resources. Installing it on our Vista test system increased idle RAM usage from 499MB up to just 583MB - 3MB below our A-Listed Avira Premium Security Suite.

Boot time was entirely unaffected by the software, and we saw a mere extra seven seconds of CPU activity after the desktop appeared. This was considerably less than the 15 seconds incurred by Avira, though of course Avira has many more components to initialise.

We have some nagging doubts about Security Essentials' ability to cope with the newest and most aggressive threats. It remains to be seen how the package will cope with rootkit-type exploits that run parts of the OS in a virtual environment.

And automatic signature updates are rolled into scheduled scans, so if you scan infrequently your malware definitions can get quite out of date. During extended testing we saw the software at one point go for three days without an update. That looks slack compared to the likes of F-Secure and Trend Micro, whose "in the cloud" databases can be updated within seconds of new malware being identified.

For these reasons we hesitate to recommend you abandon a paid-for security suite in favour of Security Essentials. But, if you have a machine that's currently without security software - whether for reasons of performance or price - installing Security Essentials should be a no-brainer. Indeed, there's no longer any excuse for running an unprotected machine, and that alone should make Security Essentials a huge success.


Software subcategory Internet security


Processor requirement None

Operating system support

Operating system Windows Vista supported? yes
Operating system Windows XP supported? yes
Operating system Linux supported? no
Operating system Mac OS X supported? no
Other operating system support Windows 7