Microsoft in major Security Essentials 2.0 overhaul
Major rewrite for free antivirus program
After a mysteriously quiet launch late last week, Microsoft has released version 2.0 of its free Security Essentials (MSE) antivirus client.
Apart from the version number, most users will be hard pushed to see any differences between versions 1.0 and 2.0 with most of what's new buried under the hood.
The first important upgrade is the new anti-malware engine which, if the aims of the beta program are anything to go by, will attempt to boost the detection of state-of-the-art Trojans. Version 1.0 was not reported to have a major problem on this score, but Microsoft must have spotted a weakness.
A second and intriguing upgrade is the addition of the same network inspection system used in the Forefront Endpoint Protection client sold to businesses, also refreshed last week.
This performs packet-level inspection on network traffic to spot attacks based on software vulnerabilities that can be related to profiles in a database. This doesn't block attack executables or signatures so much as the follow-up traffic patterns that betray that an exploit is being opened.
This is the sort of technology that could stop the next Stuxnet from happening, at least assuming that the vulnerability being aimed at is known and in Microsoft's database. Many won't be but some will.
MSE 2.0 also integrates itself with the web filtering settings in Internet Explorer 9.0 and allows some control over the Windows Firewall.
Inside the program itself, there are a few tweaks here and there, including a change in how quarantined files are deleted (time limits can now be set), and the ability to define whether ingoing and outgoing files are monitored which might or might not (it's difficult to tell) relate to the way that Windows Firewall monitors outgoing traffic in Vista and Windows 7.
Why the secrecy for a program that is turning out to be hugely popular and well-regarded?
That very popularity and sensitivity to rivals companies, the majority of whom still charge for their antivirus programs, might explain the low-key launch. The company does not want to be seen in the US as endangering anyone's business model even though that is almost precisely what is happening. It wants the program to be used without the company being seen to market it.