Discussion has been rolling on in comments to a blog Randy posted some time ago (back in June, to be precise…) on Microsoft Essentials. Rather than go over exactly the same ground, I’d like to reiterate some points about free antivirus generally, but starting off from a question that was put in a comment to that blog.
Why shouldn’t you use free antivirus? (Actually, the question was why shouldn’t you use MSE, but since, as a UK resident, the MSE beta was never available to me, I can’t say much about that specific product.)
Hmm. I don’t think anyone here said you shouldn’t use free AV, did we? After all, we do make free trial versions available and we do have a free online scanner. Of course, the evaluation copy only functions for the evaluation period, and an online scanner has limited functionality, but completely free versions also have limitations. So I’m not going to say that you shouldn’t use a free product. But I will say that you need to be sure that:
The same poster also made a point about MSE catching Trojans that our product didn’t. I can’t comment on the specifics of those failures, as I don’t have the details, but I would expect all products to detect some malicious programs and miss others. That’s the state of the threat landscape we’re currently traversing, where the number of individual malicious programs is claimed to be tens of millions. Under those circumstances, I don’t think you should expect a single antivirus product, free or not, to catch all malware. When you pay for a product, you’re paying for good but not infallible detection, and you may also get that from a good free product.
(Clearly, I’m not talking here about not-so-good free products (and no, I’m not going to name you some), let alone those "rogue anti-malware products" that are in fact malware themselves, intended only to deceive and cheat customers out of their money.)
However, what you’re less likely to get from a free product is multiple layers of protection, or active support (and by that, I mean a useful response to telephone calls or emails, not diversion to an FAQ, however, good, or a user forum). If you don’t think you need any of that, that’s your decision, but it’s not one I’d make myself.
We did get another, lengthy comment that made some good points. Unfortunately, it also made some pure sales points, so I haven’t approved it: we don’t do direct marketing for ESET on this blog, so we’re certainly not going to do it for one of our competitors! I would like to come back to that comment, nevertheless, but it’s a matter of finding time.
David Harley BA CISSP FBCS CITP
Director of Malware Intelligence
ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter: http://twitter.com/esetresearch
ESET White Papers Page: http://www.eset.com/download/whitepapers.php
Securing Our eCity community initiative: http://www.securingourecity.org/
Author David Harley, ESET