posted by Thom Holwerda on Fri 17th Dec 2010 22:06 UTC, submitted by poundsmack
While Microsoft's Security Essentials has been very well received because of its small footprint and unobtrusive nature, it didn't always rank among the very top when it came to its detection rates. Overall, I'd still say it's one of the best antivirus tools. Now, with version 2.0, Microsoft has improved the detection mechanisms, but of course, it'll take some tests before we can see how effective they are.

The major new feature here is improved heuristic scanning, which should improve detection rates, but possibly at the cost of more false positives. Contrary to what most other sites are reporting, Security Essentials did not rely solely on definitions in version 1.0; it has always had heuristic scanning, it's just that version 2 has a better engine.

Another major addition is network inspection. This feature makes use of the Windows Filtering Platform introduced with Windows Vista, which is also included in Windows 7 (but not in XP - but then again, XP is an old turd and you need to move on). I'm sure the following explanation makes a lot of sense to those in the know (I only vaguely get it).

Windows Filtering Platform is a new architecture in Windows Vista and Windows Server 2008 that enables independent software vendors (ISVs) to filter and modify TCP/IP packets, monitor or authorize connections, filter Internet Protocol security (IPsec)-protected traffic, and filter remote procedure calls (RPCs). Filtering and modifying TCP/IP packets provides unprecedented access to the TCP/IP packet processing path. In this path, you can examine or modify outgoing and incoming packets before additional processing occurs. By accessing the TCP/IP processing path at different layers, you can more easily create firewalls, antivirus software, diagnostic software, and other types of applications and services.

Windows Firewall has also been integrated into MSE, but said integration doesn't amount to more than being able to tweak the Firewall from inside MSE. MSE 2.0 also integrates with Internet Explorer so that it can block malicious scripts.

While this new version is supposed to appear inside MSE and/or Windows Update, several people are reporting that's not yet the case. You can always download the new version from Microsoft's download centre.
