Microsoft Security Essentials (MSE) shows no vision, expert says

By Eric Ogren, Contributor 10 Aug 2009 | SearchSecurity.com

Security Wire Daily News Digg This!     StumbleUpon     Del.icio.us

SearchSecurity.com: To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

Microsoft's security program is lost in time.

While it works diligently to bring yesterday's antimalware solution to market with Microsoft Security Essentials (MSE), the company is completely losing the future of security definition to competitors, with recent evidence supplied courtesy of Google's Chrome OS announcement and Check Point's browser sandboxing feature. There are a few points where Microsoft security is losing time.

Refining yesterday's technology
MSE is a signature-based antimalware product that Microsoft intends to make free for consumers, requiring ForeFront Inc. management for commercial organizations. There is not a lot of leadership here. Comcast Corp. users can already get McAfee endpoint protection for free, or users can download free versions of AVG or Avast.

Also, AV-Comparatives applauds Microsoft for a 60% catch rate in its antimalware product. While that is better than McAfee Inc. (25%), Sophos plc (37%) and Symantec Corp. (35%), it still means that Microsoft's scan engine did not detect 2 out of 5 attacks. Even Symantec's Quorum project admits to the futility of yesterday's technology -- Microsoft is just losing time trying to improve it.

MSE joins ForeFront Stirling as security products on multi-year product cycles. MSE is now in public beta to 75,000 lucky people with release to manufacturing late this year, and inclusion into the ForeFront client in the first half of 2010. Meanwhile, threats have moved to Web-based attacks featuring spam, phishing and infected websites. Google may ship an entire OS in less time than Microsoft takes to ship an AV product for businesses.

Losing control of the future
The attractiveness of Google Chrome OS is not its claims to be more secure (Google's software applications do not inspire confidence), but rather in the logic of achieving better security through a new approach. Saving documents in the Google data center lessens the burden of endpoint data security, a barebones OS reduces the attack surface of privileged code to protect, and downloading trusted applications to execute on a temporary basis can simplify configuration management. Many customers are using virtual desktops from Ringcube Technologies Inc. and Virtual Computer Corp., as well as Citrix Systems Inc. and VMware Inc. to assure compliant endpoint configurations. While Symantec and Cisco Systems Inc. focus on reputation filtering, and Trend Micro Inc. tilts its product mix to cloud security services, Microsoft is silent in the dialog for the future of secure computing.

SearchSecurity radio:

Google Chrome OS might be the best thing to get Microsoft security to push the state of the art. An endpoint consisting of a browser, network card, printer, user interface, Microsoft Office, and a handful of personal applications, probably satisfies 95% of the market and could disrupt the security model.

To be fair, Microsoft has made great strides in improving the security of its products. The SDL investments are paying off with solid products such as SQL Server, and they are to be commended for taking the vulnerability problem head on with Patch Tuesday and for attempting to make MSE antimalware ubiquitous on consumer endpoints. However, their security program is far from inspiring given their leadership potential. Bill Gates was able to turn Microsoft into an Internet company over night, but the company is stymied by the security challenges of obsolete approaches. Microsoft is a non-player in the security industry and it would be nice for all of us if that were not true.

Tags: Windows Security: Alerts, Updates and Best Practices,  Web Application and Web 2.0 Threats,  Client security,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Windows Security: Alerts, Updates and Best Practices Windows 7 DoS flaw allows hackers to freeze Microsoft's newest OS Microsoft patches serious Windows kernel flaws Microsoft to address flaws in Windows, Office for Mac Microsoft fixes security update that breaks Internet Explorer What is the best database patch management process? Microsoft addresses critical SMBv2 flaw, fixes record number of flaws Microsoft to address SMB zero-day, IIS FTP Service vulnerabilities Microsoft releases temporary fix for SMB2 zero-day vulnerability Microsoft issues SMB vulnerability advisory, patch pending Attackers target Microsoft IIS; new SMB flaw discovered Web Application and Web 2.0 Threats Web security firm ranks Firefox, Safari browsers as flaw prone Web application vulnerability assessment shows patching progress Layoffs prompt insider threat fears, cybersecurity survey finds Botnet masters turn to Google, social networks to avoid detection Computer worm infections up, scareware antivirus down, Microsoft says Web-based attacks skyrocket, pirating sites surge, security firms say Kaspersky system analyzes malicious URLs on Twitter for malware Pushdo botnet uses Facebook to spread malicious email attachment Do Facebook URL security concerns justify blocking social networks? Gumblar Trojan drive-by exploits spike following Adobe update Client security InZero Systems launches hardware-based security gateway DLP technology challenges security costs Endpoint protection best practices manual: Combating issues, problems Kaspersky update for SMBs in wake of free Microsoft Security Essentials Microsoft makes free antivirus software widely available Security best practices in hotels Best Antimalware Products Perimeter defense in the era of the perimeterless network Smart tactics for antivirus and antispyware Top tactics for endpoint security

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary BotHunter  (SearchSecurity.com) principle of least privilege (POLP)  (SearchSecurity.com) security identifier  (SearchSecurity.com) trusted computing  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary