Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Security Microsoft Windows Technology

MS Adds Security Suite To Update Service, Antivirus Rival Objects 324

CWmike writes "Microsoft has started adding Security Essentials to the optional download list seen by US Windows users when they fire up the operating system's update service, and antivirus rivals are crying foul. 'Commercializing Windows Update to distribute other software applications raises significant questions about unfair competition,' Carol Carpenter, a GM at Trend Micro, said on Thursday. 'Windows Update is a de facto extension of Windows, so to begin delivering software tied to updates has us concerned,' she added. 'Windows Update is not a choice for users, and we believe it should not be used this way.' If Windows doesn't detect working security software on the PC, Microsoft adds Security Essentials to the Optional section of Microsoft Update, a superset of the better-known Windows Update, or to Windows Update if it has been configured to also draw downloads from Microsoft Update. Microsoft made a point to say that it was not offering the software via Windows Update, but only through the Microsoft Update service, which also offers patches for new versions of non-operating system software, notably Office and Windows Media Player. But most users won't understand the distinction."
This discussion has been archived. No new comments can be posted.

MS Adds Security Suite To Update Service, Antivirus Rival Objects

Comments Filter:
  • No need to fuss (Score:2, Insightful)

    by alphatel ( 1450715 ) *
    Any good Windows administrator knows that you can't rely on a Microsoft product alone to solve your virus/trojan/keylogger/spyware/whatever problems.
    • Re: (Score:2, Insightful)

      And Any good Linux administrator knows that you can rely on a Microsoft Product alone to acquire virus/trojan/keylogger/spyware/whatever problems.

    • Re:No need to fuss (Score:5, Insightful)

      by MightyMartian ( 840721 ) on Friday November 05, 2010 @03:42PM (#34141532) Journal

      As much as I can't stand a lot of what Microsoft does, Security Essentials is not a bad program all in all. It's certainly more lightweight that than travesty from Norton and more reliable than the other "free" or "semi-free" AV programs. I still prefer F-Prot because it's the king of small footprint AV, but I have no problem with Security Essentials, and if it's part of Windows Update, I'm assuming that soon enough we'll be seeing in WSUS, which, when combined with the GPO software installation facilities in AD, will replicate the high-end corporate AV.

    • Re:No need to fuss (Score:5, Insightful)

      by IB4Student ( 1885914 ) on Friday November 05, 2010 @03:43PM (#34141546)
      Windows Firewall and MSE is better than most other solutions for home users.
    • Re:No need to fuss (Score:4, Informative)

      by Enderandrew ( 866215 ) <enderandrew@gmSTRAWail.com minus berry> on Friday November 05, 2010 @04:23PM (#34141982) Homepage Journal

      This is only being suggested to people with no anti-virus solution on Windows. Those people likely don't know what they're doing.

      And actually, I'd recommend Microsoft Security Essentials over Symantec, McAffee, etc.

      • And it's an optional package, not like it's rolling out automatically. I don't see a problem here.

        The whole thing is particularly funny given that I dislike the antivirus industry in general.

    • You are mistaken (Score:3, Insightful)

      by lpq ( 583377 )

      Since MS, has never offered such a product before, I can't see how *anyone* would "know that you can't rely on a Microsoft product alone to solve your virus/trojan/keylogger/spyware/whatever problems".

      Considering I've run for well over a decade without ANY such product -- and doing so solved my 'problems' (non-existent) just fine, then how can adding such a product not create benefit (providing one doesn't mind the inevitable hit in performance for real-time/on-access scanning malware scanning.

      It's networke

  • by Bigjeff5 ( 1143585 ) on Friday November 05, 2010 @03:40PM (#34141474)

    But isn't this both optional and free?

    I don't see the problem at all. It's not like IE, which was free and mandatory (it's still free and bundled).

    • Re: (Score:3, Informative)

      by cdrudge ( 68377 )

      Yes. Trend Micro's beef with the issue is not that Microsoft has the security suite, but that it's including it in Windows Update. Given a choice between just "updating" your machine to install the security suite and forcing people to go search for other options, people are going to go with the update. Further, by putting it in with the updates it gives people the sense that they need it as part of a fully patched system, when it's not necessary and there are competing products that may be better.

      • by leonardluen ( 211265 ) on Friday November 05, 2010 @03:57PM (#34141734)

        Shouldn't security be the purpose of the OS itself? Trend micro and other Antivirus software doesn't have a right to exist. the OS itself should theoretically already protect itself.

        i guess i have no sympathy for them. and as much as i normally don't like MS i guess i am on MS's side for once.

        • by random coward ( 527722 ) on Friday November 05, 2010 @04:06PM (#34141816)
          I tend to agree with the above. I intended to post basically the same. Software added to the OS to fix security flaws in the architecture has a good argument as being part of the OS. If MS hadn't tried to claim the browser was a core part of the OS I doubt many people would have an issue with this being added.
          • by Bigjeff5 ( 1143585 ) on Friday November 05, 2010 @04:34PM (#34142096)

            Most of Microsoft's anti-trust trouble, at least in the US, had nothing to do with bundling the browser anyway. It gave them more trouble in Europe, but here the problem was MS was threatening PC retailers who wanted to bundle other browsers (namely Netscape) with their systems.

            That's anti-competitive behavior, and we have laws against it. Europe reacted more harshly and forced MS to not ship Windows with a default browser. It ships with IE, but you have to set it as your browser of choice first.

          • Comment removed based on user account deletion
        • by Guspaz ( 556486 )

          I feel exactly the same way. Antivirus manufacturers are making a buck off Windows' insecurity. Nothing wrong with that, they were filling a need. But they also don't have any moral grounds to complain when Microsoft tries to improve said security.

        • by 99BottlesOfBeerInMyF ( 813746 ) on Friday November 05, 2010 @04:55PM (#34142340)

          Shouldn't security be the purpose of the OS itself? Trend micro and other Antivirus software doesn't have a right to exist. the OS itself should theoretically already protect itself.

          Correct, but Microsoft waited until a market had built up around the insecurity of Windows before they introduced a product of their own. Since they did not proactively address security, they are legally obligated to compete in the market they created on a level playing field with other companies already in that market. That means if they use Windows or products bundled with Windows to provide an advantage for their security suite, they are legally obligated to provide the same to competitors. Where do the other AV vendors sign up to be included in Windows update?

        • While I agree that MSE is better than nothing (and possibly better than competing anti-virus software), I would much rather MS fix the problems that necessitate anti-virus in the first place. It's like having a screen door for a submarine, then offering optional window panes.

          • Re: (Score:3, Insightful)

            by fluffy99 ( 870997 )

            While I agree that MSE is better than nothing (and possibly better than competing anti-virus software), I would much rather MS fix the problems that necessitate anti-virus in the first place. It's like having a screen door for a submarine, then offering optional window panes.

            Well part of the problem is users are stupid enough to download crap that has trojans in it. No amount of OS hardening can prevent a user from deliberately installing malware.

          • Re: (Score:3, Interesting)

            by lgw ( 121541 )

            I would much rather MS fix the problems that necessitate anti-virus in the first place. It's like having a screen door for a submarine, then offering optional window panes.

            How, exactly, would that work? In Win7 and Win2008r2 MS has basically caught the competition in terms of security. There isn't a lot of stuf running by defaut (especially in the server OS), there aren't many ports open, you need to elevate to admin rights to do most dangerous things.

            There's simply no way for a consumer or "power user" OS to prevent the user from being tricked into installing malware. If you allow the user to install software at all, social engineering does the rest. Also, no one (beside

          • Re: (Score:3, Interesting)

            by drsmithy ( 35869 )

            While I agree that MSE is better than nothing (and possibly better than competing anti-virus software), I would much rather MS fix the problems that necessitate anti-virus in the first place.

            They can't. The problems that need an AV to solve are in the user, not the software.

      • by Anonymous Coward on Friday November 05, 2010 @04:00PM (#34141772)

        Except its listed in the Optional section, which is completely ignored if you just keep clicking next on Windows Update like 99% of people, and it only shows up there at all if you don't have any other AV installed. Seems fairly reasonable to me (and I truly fucking hate Microsoft and everything they do).

      • by tgd ( 2822 )

        Its including it for people without any security software already.

        If Trend Micro's crap didn't get bought by the sucker^H^H^H^H^H^Huser already, odds are pretty low they will at that point.

        • Yeah, I'm not sure what their product is like lately, but when I got my laptop in 2003, it came with Pc-Cillin. Immediately upon first boot right after freshly installing the OEM disk image, it would lock up the system taking up all the resources. I could uninstall it, but the process was a pain with that much bloat.

          I can't imagine why they'd be having trouble getting more customers.
      • It's an optional update, which means it won't actually autmoatically install. The user has to manually check for updates and select the optional ones they want.

        It's also a really stupid thing to complain about, as if providing another avenue for downloading MSE is really changing anything. It's on the web; Windows comes with a web browser. It's one of the options recommended by Security Center for systems without AV. It's free no matter how you get it; they aren't adding cutting the cost or letting some peo

      • Further, by putting it in with the updates it gives people the sense that they need it as part of a fully patched system, when it's not necessary and there are competing products that may be better.

        Except that there are the essential updates, which are selected by default, and the optional updates which are under a completely different list (you have to click a button to even display them).

        Most people ignore the optional updates, and this shows up under the optional updates.

        Again, what's the problem? Microsoft is putting out something to reduce the number of malware infected machines out there and people are upset? Really?

      • by PRMan ( 959735 )
        Actually, I would say that clueless Windows users won't do this. They are used to going to websites, whipping out a credit card and doing an install. But most users have no idea how to get into the advanced screen in Windows update to add optional items.
      • Re: (Score:3, Informative)

        by Deathlizard ( 115856 )

        From the article, it says that it won't pop up unless you either have no AV product, or the AV product is expired. And even then, you have to manually browse windows update to see optional updates.

        It's not like you're going to turn on your PC, and all of a sudden it's on there out of the blue.

  • by Angst Badger ( 8636 ) on Friday November 05, 2010 @03:41PM (#34141508)

    But most users won't understand the distinction.

    Outside of some very specialized applications, that sentence could apply to almost any software.

  • If it'll get rid of this Ozzy Osbourne virus, the FanFan trojan, and others infecting my machines that Trend doesn't even see, then hey, go for it.
  • This Space For Rent (Score:3, Interesting)

    by blair1q ( 305137 ) on Friday November 05, 2010 @03:45PM (#34141570) Journal

    Why doesn't Microsoft just put a container in Windows Update for security companies to rent space to present download links?

    Or is that how Security Essentials got there and the people "crying foul" are just sore that they'll have to pay, too?

    • by geekoid ( 135745 ) <{moc.oohay} {ta} {dnaltropnidad}> on Friday November 05, 2010 @03:48PM (#34141618) Homepage Journal

      Because anti-virus companies make software so bad, even Microsoft doesn't want the association.
      I think SE got there because MS learned something from the Browser anti-competitive issues.

    • Or better yet (Score:4, Insightful)

      by name_already_taken ( 540581 ) on Friday November 05, 2010 @03:48PM (#34141628)

      Why doesn't Microsoft just put a container in Windows Update for security companies to rent space to present download links?

      How about an App Store?

      /cue delusional whining about App Stores being the start of a slippery slope to concentration camps and lockdown.

      • Re: (Score:3, Insightful)

        by mlts ( 1038732 ) *

        You mean the one in Windows 8?

        From what I've read, Microsoft is planning to have a Marketplace for installing applications in the next version of Windows. This will be nice because I can either tell people to only install software from there and nowhere else. In businesses, group policies can be set to enforce this. Result: One major vector for infection gets sealed.

        I'm all for application markets, provided it isn't locked down to a single vendor. The OSS market has used repositories for decades, and t

    • Re: (Score:3, Insightful)

      by Bigjeff5 ( 1143585 )

      Security Essentials is free.

      It's also better than Trend Micro's AV, so you can see why Trend Micro is angry.

      Instead of improving their product to compete, they whine, even though Microsoft has done absolutely nothing wrong here (and frankly, a lot of good if it gets people who don't have AV to install something).

      MSSE is certainly no the best AV out there, so there is plenty of room for competition.

      • by blair1q ( 305137 )

        So Microsoft should add a link to Trend Micro's product, and a column with a star-rating.

        It'd cost them nothing but time to write the disclaimer.

  • Oh, the outrage! (Score:5, Insightful)

    by MechaShiva ( 872964 ) on Friday November 05, 2010 @03:46PM (#34141584)
    The whole anti-virus industry seems like an artificial market. I wonder if they privately throw fits every time Microsoft releases patches to close potential security holes too. I mean, extending the argument, doesn't a more secure base system minimize the need for the full time, bloated nanny programs most of these companies provide; thus eroding their market share similarly? Those dirty bastards!
  • by atarione ( 601740 ) on Friday November 05, 2010 @03:47PM (#34141592)

    forefront and MSE are actually pretty good (MSE being built from forefront).

    Their foot print on a system is quite reasonable (unlike many av suites) they do a good job of doing what they should do and staying out of the way. We all pay the price of way to many totally unsecured systems connected to the internet. FTFA the update only appears when no security software is detected on the system, So this will be being offered to users that would otherwise have no av protection at all.

    I can see where MSE being offered free (and now offered via windows updates) would make other av vendors unhappy ..but f*ck them far to many of the consumer orientated av offering are just terrible bloated piles of junk.

    • Their suites offer more functionality, and if they are coded well are faster and have better detection rates. MSE is good stuff and I happily recommend it to anyone who needs "free" to be the price point. However there are plenty of good suites out there that improve upon it. If you look at AV comparatives you'll notice the good ones have better detection rates, and faster scanning. Then, of course, the full on "security suites" offer things like nicer firewalls and so on. I like MSE, but I pay for ESET Sma

      • Re: (Score:2, Informative)

        Just an FYI regarding firewalls - if you're on Win 7, there's no need to pay for a firewall because Win 7 finally has a good built in firewall.
        • Win7's firewall is almost identical to Vista's, but yes, they are quite good (XP's is much better than nothing, but a long way from good).

        • Windows has had a decent firewall since XP SP1.

          The GP said he likes the security suites because they have nicer firewalls, not necessarily better ones. Some firewalls make management a lot easier than Windows Firewall does, so I can see the point, but I have to wonder what you're doing if your firewall management is a major hassle.

    • IE4 was actually pretty good.

      Its footprint was quite reasonable (unlike Netscape Communicator 4). It does a good job of rendering all web pages I visit, and faster too. We all pay the price when WWW innovations were being dictated only by a single browser, and I did not want to see yet another Geocities page with blink tags all over.

      I can see where IE4 being offered free (and then being offered via Service Releases) would make Netscape unhappy .. but f*ck them, Netscape is just a terribly bloated pile of ju

    • It also seems worthwhile to note that AV vendors are not entitled to their businesses. They're running a business model that's largely dependent on MS Windows being horribly insecure, and insofar as Microsoft improves security, they're always going to lose out.

      Really, I shouldn't need to buy a security suite in order to run my computer securely. Any security measures *should* be part of the OS.

  • by bradley13 ( 1118935 ) on Friday November 05, 2010 @03:47PM (#34141600) Homepage

    While I'm no MS fan, this is a good thing. Note: they only add MSE if no other virus checker is present. MSE actually does a pretty decent job, and it is a lot less intrusive than version McAfee, Norton, etc. available to private users.

    Microsoft has a vested interest in improving the security of Windows without disturbing the rest of the user experience. Their motivation for MSE is roughly the same as the users'.

    It has always bothered me that the interests of Norton, McAfee and the rest are not aligned with the user. You want a clean, fast machine. They want to sell you AV subscriptions. Which means they want to convince you how necessary those are. False alarms are fine, as are in-the-face dialogs and interruptions to remind you what a wonderful piece of crapware you have on your machine.

  • GOOD! (Score:4, Informative)

    by DIplomatic ( 1759914 ) on Friday November 05, 2010 @03:48PM (#34141604) Journal
    Good! I personally love Microsoft Security Essentials. It does exactly what you want in a Virus Protection Program: 1) Keep an icon in the system tray indicating that "You Are Protected" 2) Stay out of your way and use very few system resources.
    In all seriousness, I am a corporate IT technician and I prefer MSE over any other memory-hogging, system-crippling, scaring-you-with-false-warnings virus program out there.
    Plus it's FREE. FREE!
    • Re:GOOD! (Score:5, Funny)

      by Dachannien ( 617929 ) on Friday November 05, 2010 @03:58PM (#34141750)

      1) Keep an icon in the system tray indicating that "You Are Protected"
      2) Stay out of your way and use very few system resources.

      I dunno.... seems like there's something missing from this specification.

      • by BobMcD ( 601576 )

        1) Keep an icon in the system tray indicating that "You Are Protected"
        2) Stay out of your way and use very few system resources.

        I dunno.... seems like there's something missing from this specification.

        FYI, it once caught something that Symantec missed.

        It isn't stellar, but it does work at least as well as the rest do.

      • Meh, AV's only fix things that are well known anyway, so as long as it's a functioning AV it isn't that much worse than anything else out there.

        On that score, MSE is pretty good anyway, so it's a no-brainer for home use.

    • Comment removed based on user account deletion
  • Bloatware (Score:3, Insightful)

    by Robadob ( 1800074 ) on Friday November 05, 2010 @03:53PM (#34141698)
    Most of the well branded av's are just packed full of bloatware and getting worse. It's even got to the point now that alot of free software which i have installed also installs mcafee smartscan or a similar product to my desktop without allowing me to not install them. Isn't there something foul about this? Personally i use the lesser known eset's nod32 and i think it does a good job.
    • I'm a big fan of nod32, especially on my work domains. The AV has always rated very well, with good detection, reasonable footprint and speed. The management functionality for the domain is ridiculously comprehensive and flexible.

  • The only reason they are bitching is they want the money for charging what MS is giving away for free. MS *should* have provided better protection for their operating system years ago, and AV companies have had a free ride overcharging for something that should be a core part of the operating system. Now that MS is finally making security a part of the OS and not an add on product, the fear mongers of the AV word are having kittens because their gravy train has been derailed.

    Security should NOT be conside

    • by BobMcD ( 601576 )

      Security should NOT be considered "separate" from the operating system. Not to be cliche, but ask any Linux admin....

      While I do agree with the sentiment, I'm not aware of any Linux with kernel-level AV.

      • While I do agree with the sentiment, I'm not aware of any Linux with kernel-level AV.

        I don't run any AV on any Linux box at all, as it isn't needed. Because it is on Windows systems, it is needed and has been for a long time, due to the design, popularity and vulnerability of Windows. In other words, you can't compare a single aspect of security between the two, and instead consider general security as a whole. MS has gone as far as having hooks in the OS for AV, demonstrating it is designed for this typ

        • by BobMcD ( 601576 )

          You don't run AV because you're not under a severe enough attack - NOT because you'd be adequately protected if you were.

          I realize I don't need to tell someone like yourself this, but you're omitting it, and I think it harms your position. Despite Linux's design, it can and does fall under attack, and it receives continuous security updates as a result of that. Were the attacks to expand into the ferocity that they do in Windows, you'd need to add AV.

  • When I buy Windows, it should include virus protection that works - and continues working for at least a couple years without my paying any additional costs. Viruses exploit software defects produced by Microsoft. They are Microsoft's fault. Microsoft should bear the cost of protecting me from them. It's obvious that MS will not ship products that are inherently safe from viruses due to bad programming. So MS must ship an OS that includes an effective virus protection system to protect it as an extra layer.

  • .. is not bundle an extra program,but take out all the ones.
  • I don't know much about WIndows, I've heard it has improved since Windows 3.1 and that's about it. I am used to GNU/Linux distributions giving me all the latest software when I apt-get update or emerge sync;emerge -uv world or yum update or whatever. I never go to some website to get or update some piece of software, the OS has some feature which lets me do that. If Windows Update would be able to do something like that then it sounds to me as if it's a very good thing. Perhaps not so good as long as it onl
    • Re: (Score:3, Insightful)

      by fluffy99 ( 870997 )

      I don't know much about WIndows, I've heard it has improved since Windows 3.1 and that's about it. I am used to GNU/Linux distributions giving me all the latest software when I apt-get update or emerge sync;emerge -uv world or yum update or whatever. I never go to some website to get or update some piece of software, the OS has some feature which lets me do that. If Windows Update would be able to do something like that then it sounds to me as if it's a very good thing. Perhaps not so good as long as it only lets you grab Microsoft software, and it would likely be hard for them to add too much other software being that Windows typically means non-free software, but still.. this sounds to me like a step in the right direction. But as said, I don't really know that much about the Windows world.

      So you haven't a clue about recent Windows or how windows update works, but you opted to chime in anyway? Go crawl back under your Linux rock. Redhat 6 sucked, so it must still suck....

  • by Zero__Kelvin ( 151819 ) on Friday November 05, 2010 @04:12PM (#34141882) Homepage
    I actually hate Bill Gates, and despise Microsoft and almost all of their practices, but even I have to say that this is an excellent idea, and Trend Micro should go screw themselves. Microsoft has directly contributed to the Virus problem to the point where it is accepted and expected by most people. Now they are actually offering a free tool to clean up their mess to some degree. This isn't like the browser scenario, where they were looking to embrace and extend to own the Internet. Antivirus isn't an application like Word, or a web browser where people will need and want it regardless of OS. It is a necessary evil. If a company offered free smoke detectors to anyone who didn't already have them, would anybody seriously be arguing that said company is Antitrust?
    • by santax ( 1541065 )
      Depends... if that same company tried to sell me a home with a unsafe oven I would think twice about the value of that free thing. In my world, where we use linux or bsd, we have no viruses because the system has been build like a house with a very very safe oven that can not overheat and burst into flames. What MS is doing here is first sell you a lacking product (lacking in safety) and than years later (it has been years) supply you with a free patch that stops SOME but not all of the spontaneous fires in
      • I agree that they first sold a product lacking safety, but it wasn't the oven, it was the house. Obviously, it would be much better if Microsoft suggested you replace the shoddy house (Windows) with a well built one (Linux, BSD, etc.), but let's face it: that isn't going happen. The least they can do is provide a free smoke detector, so that when an intentionally dangerous oven (malware) get's installed in place of the nice safe one you bought by the malicious person who easily broke into the poorly secur
        • by santax ( 1541065 )
          Yeah you are right. I am not assaulting them for it. It's just that I noticed this response and had to react. But indeed. It's cool of them to think of and provide of ways that will lead to a better, safer product for all of us.
  • by flimflammer ( 956759 ) on Friday November 05, 2010 @04:14PM (#34141892)

    I don't really understand why Microsoft shouldn't be allowed to include their own security software. Microsoft should purposely leave end users high and dry when it comes to something as important as computer security (something that the OS should take care of) for the sole reason that they don't have even the slightest edge against the competing security software makers?

    This reminds me of a year or so ago when there was opposition from security software groups against Microsoft because they closed up access to a few things that those groups used for their antivirus software. Something that no one really should have had access to in the first place. You can't cry that Microsoft software isn't secure and then cry foul when Microsoft actually works to improve security.

    • Re: (Score:3, Interesting)

      by cbhacking ( 979169 )

      You're presumably referring to PatchGuard, the protection Microsoft implemented on the x64 version of the Vista kernel (about 4 years ago, actually). Symantec and McAfee threw hissy-fits over the inclusion of anti-rootkit protection that also happened to block their rootkit-like method of hooking into the kernel. After much whining and threatening of lawsuits, MS relaxed the protections such that the kernel could still be modified, provided the modifying code had a trusted digital signature. This is a lot w

  • From TFA: Microsoft adds Security Essentials to the Optional section of Microsoft Update

    Items in the optional section aren't automatically downloaded or installed, nor does a user even see them unless he/she clicks on a separate button to view the optional updates. MS is offering an optional & free program to protect users from Malware, and a user has to go out of his/her way to see and select that program before it'll be installed, and it's only offered to users who don't already have another AV progr

  • Some may suggest that Windows Update is now Microsoft's "app store" and claim that they are doing what every other operating system vendor is now doing. But you have to remember that the rules are different for Microsoft. Microsoft has been declared a monopoly by a federal court, and therefore must play by different rules.

    Microsoft should have been divested when the court had the chance.
  • I remember a similar discussion when Microsoft added a TCP/IP stack to windows, the vendors like Winsock were really upset.

    I'm not sure if I see a difference here, but anyone who used TCP/IP before it was added into the OS knows now what the correct choice was.

  • I don't like Microsoft's market tactics, but the sooner they make the "Security Ecosystem" redundant the better.

    We Linux geeks know how nice it is to not have to deal with dozens of "security" vendors.

    --
    BMO

The 11 is for people with the pride of a 10 and the pocketbook of an 8. -- R.B. Greenberg [referring to PDPs?]

Working...