Microsoft Security Essentials designed to cover the basics
Microsoft has admitted Windows users should install antivirus above and beyond its own Security Essentials, describing its protection as merely a "baseline" that will "always be on the bottom" of antivirus software rankings.
Microsoft launched Security Essentials in 2009, raising complaints from antivirus rivals that such software shouldn't be bundled with Windows for competition reasons.
However, the most frequent complaint about Security Essentials is that it's not good enough: it flunked a pair of tests earlier this year – including one from Dennis Technology Labs.
Now, Microsoft has said it sees Security Essentials as merely the first layer of protection, advising customers to use additional, third-party antivirus – although the company stressed that wasn't because the product wasn't good enough to stand on its own.
Holly Stewart, senior program manager of the Microsoft Malware Protection Center, told Dennis Technology Labs that Microsoft made a decision to switch to what it calls a "baseline strategy".
"We had an epiphany a few years ago, back in 2011, where we realised we had a greater calling and that was to protect all Microsoft customers," she said. "But you can’t do that with a monoculture and you can’t do that with a malware-catching ecosystem that is not robust and diverse."
Rather than focus on making its own antivirus the best in the business, Stewart said Microsoft was "doing everything we can to protect against real threats" and passing data on those threats to antivirus makers, so multiple parties can target the problems.
"It’s not as efficient to have one kind of weapon," she said. "Like anything you must have that diversity. It’s a weakness to just have one."
Previously, Microsoft would spend resources trying to improve Security Essentials' performance in tests. "We used to have part of our team directed towards predicting test results and figuring out what might be in someone’s test. There’s always a cost to that," she said. "If they are doing that work they are not looking at those threats that are affecting our customers. We always felt that was wrong. There’s something not right about that – we’re not doing the best job for our customers."
The company decided to stop that practice and put its effort elsewhere. "We put half of those people on focusing on what we call prevalent threats. We developed this new telemetry to look for emerging threats – sort of an early notification system that new threats were emerging. We had this group of folks start focusing on those threats and we saw that it increased our protection service level for our customers."
In practice, it means Microsoft is focusing on tracking emerging threats and sharing that data within the security industry, saying that's a more meaningful way to protect customers.
However, Stewart said offering antivirus firms that data, and no longer focusing on how well Security Essentials does in tests, will likely leave Microsoft's antivirus at the bottom of the charts.
"We’re providing all of that data and information to our partners so they can do at least as well as we are," she said. "The natural progression is that we will always be on the bottom of these tests. And honestly, if we are doing our job correctly, that’s what will happen."
She added that Microsoft wants "everyone to do better than us because we know that makes it harder for the bad guys".
"The more we can help them [antivirus firms] differentiate themselves and give customers a good reason to pay for their products we know that that diversity is going to make it harder for the people who are our real competitors – the bad guys who are out there," she said.
Baseline's not bad
She said that shouldn't be seen as Microsoft leaving customers unprotected, claiming the company is merely focusing on the most serious threats.
"Baseline does not equal bad," she said. "We provide a high-quality, high-performing service to our customers and if they choose not to buy [antivirus] on Windows 8… we want to get those people protected."
Stewart stressed the change in approach had nothing to do with anti-trust concerns surrounding bundling its own antivirus with Windows.