Tuesday, January 25, 2011

Tech Tuesday Tip

Note, this is part one of a 2-parter...

Sometimes at work, my coworkers come to me if they have a problem with their computer. I don't have all the answers. But I am always looking for them.

This is from a newsletter I get each week, Windows Secrets. One of the best ways to make sure your computer is functioning properly is to keep all the software up to date. I'm not talking about buying the "latest & greatest". I'm referring to the free updates and upgrades....

Two great security tools get free updates

By Fred Langa

Two outstanding security apps, Microsoft Security Essentials 2.0 and Secunia Personal Software Inspector 2.0, are now available.

The original versions of these programs were great, but the new versions are even better; they're must-have software — and they're still free!

Beefing up Microsoft Security Essentials

In December, after a four-month beta test, Microsoft quietly released a major revision of its impressive and free Security Essentials anti-malware tool. The new version is slowly being rolled out via Windows Update, but you can — and I think you should — grab it right away.

MSE 2.0 is a nearly total rewrite of Microsoft's security tool. Although there are some visual changes in the software (more on that in a moment), the most significant enhancements are under the covers.

The most important change: MSE 2.0 now uses heuristic malware detection in addition to the same definitions-based malware detection methods employed by MSE 1.0. Heuristic technology has been around for years and is designed to detect new malware based on behavior, thus protecting you against threats that aren't yet in the definitions database. MSE2 calls this feature behavior monitoring. (See Figure 1.)

Figure 1. Microsoft Security Essentials 2.0 broadens its protections with the addition of behavior-based heuristic malware detection and network-traffic filtering.

Another major change, also shown in Figure 1, is network inspection, which monitors network traffic, looking for suspicious activity and network-based attacks. It works by hooking into the Windows Filtering Platform (WFP) that's part of Win7 and Vista. (You can read more about Windows Filtering Platform at an MSDN site.)

XP lacks the built-in WFP services, so unfortunately, MSE 2.0's network inspection is not available on that OS.

These two new features alone make MSE 2.0 a worthwhile upgrade, but 2.0 also offers some additional, less significant improvements.

Better integration with Windows components

On all versions of Windows, including XP, MSE 2.0 integrates better with the operating system and other security components. For example, the new software checks to ensure that a firewall is present and active; it offers to turn on and configure the Windows firewall if no other firewall is found.

Also, you can now limit how much CPU time MSE consumes during a scheduled scan. The default is a maximum of 50% CPU utilization. But you can set it as low as 10% (should you want the scan to have minimal impact on other tasks) or as high as 100% (if you want the scan to complete as quickly as possible). (See Figure 2.)

Figure 2. MSE 2.0 lets you control how much CPU time the software can consume during scheduled scans.

Using the Advanced settings, you now can force the quarantine folder to empty itself after a set amount of time, from days to months (as shown in Figure 3).

Figure 3. If you wish, you can set the quarantine folder to clean itself out periodically.

You'll notice in Figure 4 that MSE 2.0's new visual design (top) has not strayed far from the original (bottom). This freshening is mostly decorative — and that's good, because MSE remains extremely easy to use; there's nearly nothing new to learn.

Figure 4. MSE 2.0's interface (top) looks a bit more graphically sophisticated than 1.0's (bottom) but retains the original's functional simplicity.

Multiple paths to installing MSE 2.0

In the past, Microsoft has used both MSE's built-in update mechanism and Windows Update to roll out updates (see Microsoft Knowledge Base article 975959), and it's a safe bet that this upgrade will use the same mechanisms. But as of this writing, none of my PCs had been offered version 2.0 — neither automatically nor by any other means.

Wait for MSE 2.0 to be offered if you wish, but I recommend grabbing it right away. It's available either from the MSE home site or Microsoft's MS Download Center. It's the same software in either case.

MSE 2.0 will run on 32- and 64-bit versions of Vista or Win7 and on 32-bit XP. It's the same MSE 2.0 setup whether you're installing it new or upgrading from MSE version 1.0.

A nice touch: If you're already running MSE 1.0, you don't have to uninstall it first. Just download and run the 2.0 setup — it will handle the uninstallation of the earlier version for you.

Another nice touch: The 1.0 uninstall is complete. Everything, including version 1.0's original /Program Files/Microsoft Security Essentials folder, is deleted. In its place, MSE 2.0 installs a wholly new folder called /Program Files/Microsoft Security Client.

If you're running any antivirus tool other than MSE 1.0, you should uninstall it before installing MSE 2.0. (This is standard procedure; in general, you should never have two security tools trying to do the same job at the same time.)

The safest way to handle the transition between security tools is to download the MSE 2.0 setup file and then disconnect your PC from the network. You can do this by turning off or disabling the connection in software or by physically unplugging the network cable.

Exit all nonessential software; ideally, you want nothing but the operating system and your current antivirus tool to be active. Then, with your PC safely isolated from the network, uninstall your old antivirus tool. Reboot when you're done.

After the reboot, start the MSE 2.0 setup program and let it run to completion. When it's up and running, you then can reconnect to the network and resume using your PC normally.

Once installed, MSE 2.0 immediately updates itself with the latest definitions and offers to do an initial scan of your PC. Let it do its thing; once it's set up, MSE is one of the least obtrusive security tools you can use.

MSE 1.0 was a winner, but I personally think Version 2 is the best free AV tool, period. Highly recommended!

