Microsoft Security Essentials Review

key review info
application features
  • User-friendly interface
  • (6 more, see all...)

Microsoft Security Essentials (MSE) represents Microsoft's initiative to offer a free antivirus to users who do not want to pay for such a service, while still taking advantage of powerful features. It includes a real-time guard against various types of malware, like viruses, spyware, Trojans and rootkits.

The application offers support for Windows XP, Vista and 7, whereas Windows Defender is the built-in av program in Windows 8 (they share the same virus definitions). Although it is widely regarded as entry-level security software, MSE has some advanced settings under the hood.


Installing Security Essentials takes little time and will require a genuine Windows copy. It's not as speedy as other antivirus freebies but reasonable nonetheless. A message warns the user to uninstall any other existing antivirus tools, due to a high risk of software conflict that may eventually lead to performance issues.

In an attempt to confirm or deny this during Softpedia tests, the message was disregarded and Security Essentials was installed alongside an existing av product, but not before disabling the latter's protection layers, including real-time module. Tests ran smoothly until a BSOD was triggered mid-scan. Message received, Microsoft.


The main application window is not cluttered with unnecessary visual elements but maintains the clean aspect that MSE has already familiarized its users with in previous iterations. Instead, it contains four tabs with a well-organized structure, where the inexperienced user may quickly gain access to scanning modules, virus definition updates, history, and settings.

The GUI theme color is in accordance with the current safety level identified by MSE, and it changes as threats are found and eliminated. This status is also represented in the MSE tray icon. Green means total security, yellow indicates potential threats, while red points to risky activity.

The Home tab shows an overview on the security status when it comes to the real-time protection shield and virus definitions, along with the next scheduled scan and last performed one.

There are three scanning modes available: quick, full and custom. The first one looks for malware in known hiding areas, while the second method performs a complete search on the computer, without leaving out any parts. In custom mode, you can specify individual drives and/or directories.

While the scanner is active, MSE shows a progress bar, scan type, start and elapsed time, scanned items, along with the currently processed file. Once malicious agents are located, the application pops up a dialog with their names, alert levels, status, and recommended actions. Extensive details reveal the threat's category, general description and file path. Additional information can be viewed on the Microsoft website, provided that you log in with a Microsoft account.

For maximized system protection it is crucial to keep the virus and spyware definitions up to date. These are automatically brought up to speed on a regular basis, and you may manually trigger this action anytime. In the Update tab, you can view the definitions' date of creation and last update, together with current version.

The History area can be filtered to list all detected items, only quarantined or only allowed files. It contains the same details that were previously described in the scanning operation.


From this area, you can schedule a quick or full scan on a daily basis or for any day of the week at a user-defined time. MSE is able to check for the latest definitions beforehand, start the scheduled scan only if the PC is idle, and limit the CPU level.

Security Essentials identifies the dangerous factor of potential threats and labels them accordingly: low, medium, high or severe alert level. It is possible to establish the default action to show on screen when prompting the user, or to be performed by MSE without user intervention: recommended action, remove, or quarantine. Low or medium-risk files can be ignored as well.

Custom drives, directories, files, file types and processes can be excluded from all scans. Furthermore, you can set the program to verify archive files and removable drives (in full system scans), create a system restore point before taking action in case Windows starts experiencing issues afterward, allow all users to view the history list, specify a time frame for keeping quarantined files, as well as send file samples automatically to the MAPS labs (Microsoft Active Protection Service) when further analysis is required.

Testing speed and detection rate

Microsoft Security Essentials was submitted for comparative testing against Avira Free Antivirus and AVG Antivirus Free on an Intel Core 2 Duo E6420 and 4GB RAM on Windows 7 Professional 64-bit on 320GB Samsung SpinPoint HDD (7200RPM and 16MB buffer). The scanning target was the system drive with 28GB used space.

AVG was first to cross the finish line in 14 minutes and 59 seconds, followed by Avira in 23 minutes and 31 seconds. MSE completed the scan job in 28 minutes and 2 seconds. Note that all apps' settings were adjusted to equal level (e.g. scan archives, normal priority, verify all files).

In order to evaluate each tool's performance when it comes to identifying malicious software, 10,003 virus samples were introduced. As for success rates, Avira scored first position with 99.4%, AVG came in second place with 97.4%, while Security Essentials detected 92.3% out of all applied samples.

The Good

Microsoft Security Essentials implements a shell extension for scanning custom files, folders or drives when exploring the computer. The real-time guard can be disabled from the Settings panel. The interface is incredibly easy for novices to figure out. Resources usage is generally low when the real-time layer is activated and no scans are running.

The Bad

The notification system is intrusive. Too many messages keep popping up from the bottom-right corner of the screen when no actions need to be taken. During tests, confirmation for cleaning the same threats was often requested by Security Essentials.

When the tool is applying selected actions on infections, you cannot cancel the task, navigate MSE's interface or minimize the window. The progress bar in the “Potential threat details” panel is frequently misleading when removing or quarantining files, aside from the fact that the job takes too long. It starts filling the meter rapidly and progressively decreases in speed.

The History tab does not include reports for each scan job, nor total scan time. Furthermore, it is not possible to schedule custom scans or definition updates, look for only particular file types, or specify the default action for real-time protection and scan methods individually.

The Truth

The bottom line is that MSE is a suitable security solution only for casual users who don't venture too often in the Internet's darkest corners. More advanced (or courageous) people will need to take the next rational step: upgrading to a more powerful product.
user interface 3
features 3
ease of use 5
pricing / value 5

final rating 3
Editor's review