Download
Offline Update
Microsoft Security Essentials provides real-time protection for your home or small business PC that guards against viruses, spyware, and other malicious software.
Microsoft Security Essentials is a free* download from Microsoft that is simple to install, easy to use, and is automatically updated to protect your PC with the latest technology.
Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times.
Before installing Microsoft Security Essentials, we recommend that you uninstall other antivirus software already running on your PC. Running more than one antivirus program at the same time can potentially cause conflicts that affect PC performance.
Full details and System Requirements:
Microsoft Security Essentials offers you comprehensive, state-of-the-art protection against malicious threats such as viruses, Trojans, spyware, and other malware. Microsoft Security Essentials:
Delivers quality protection backed by industry standards and ongoing research into software threats.
Built on the Microsoft industry-certified antimalware protection platform, Microsoft Security Essentials takes advantage of the same core antimalware technology that fuels the rest of the security products from Microsoft, including Microsoft Forefront, the Malicious Software Removal Tool, and Windows Defender, and has received the VB100 award from Virus Bulletin Ltd., Checkmark Certification from West Coast Labs, and certification from the ICSA Labs. Microsoft Security Essentials is backed by the Microsoft Malware Protection Center (MMPC), which provides world-class antimalware research and response capabilities to support all Microsoft security products and services. You can rely on rapid, effective response to a wide range of threats with security research laboratories in multiple locations around the globe on the lookout for new malicious and potentially unwanted software threats wherever and whenever they arise.
Find information, definition updates, and analyses of all the latest threats that Microsoft Security Essentials can help protect you against in the MMPC.
Makes it easy to stay protected after a simple download.
It’s as easy as clicking a download button to get Microsoft Security Essentials. Your system downloads Microsoft Security Essentials in the language you need and installs* with a few simple clicks. Once you have installed Microsoft Security Essentials your software updates automatically, making it easy to sit back and relax.
Microsoft Security Essentials uses the Microsoft Update service to ensure the signatures, antimalware engine, and application are automatically updated. New malware signatures are downloaded once per day with the new signatures accessed in near real time through the Dynamic Signature Service. As the threat landscape changes and new malware emerges, malware engine upgrades and new application features are also delivered to you automatically through the Microsoft Update service.
Is simple to understand and easy to use.
Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your PC the way you want. The software uses the popular green-yellow-red color coding to designate the security status of your PC, and a color-coded icon in the taskbar tells you at a glance if your attention is required. It’s simple – when you’re green, you’re good. However, if a yellow or red icon is present, you can take the required action directly from the system tray icon without having to enter the application.
When user intervention is required, clear status and recommended actions are presented to you on the home page and through application alerts, which are designed to minimize interruption. In addition, you can take immediate action directly from an alert.
Doesn’t get in the way of PC performance.
Microsoft Security Essentials doesn’t carry the weight of suite products and has a much smaller download size. Scans and updates are scheduled to run when the PC is idle and use a low-priority thread. CPU throttling ensures that no more than 50 percent of the CPU is utilized by Microsoft Security Essentials activity, so that your system continues to perform those tasks you are likely to be performing, such as opening files or browser windows, saving files, and using cut, copy, and paste. Microsoft Security Essentials uses smart caching and active memory swapping so signatures that are not in use are not taking up space, thus limiting the amount of memory used even as the volume of known malware continues to increase. This makes Microsoft Security Essentials friendlier toward older PCs, as well as today’s smaller, less powerful form factors such as netbooks.
We are focused on ongoing Microsoft Security Essentials performance improvements as well. Telemetry on files that are slow to scan is sent to Microsoft for analysis and resolution, and routine engine updates can incorporate advancements for improved scanning speed, remove unneeded signatures, and reduce memory usage.
Runs quietly in the background.
Microsoft does not push offers or display information-only pop-up windows or update status notifications. Microsoft Security Essentials simply runs quietly in the background. You will be alerted only if and when there are specific actions that need to be taken. When you are not present or are too busy to take the recommended action, Microsoft Security Essentials can take the default action on your behalf; you can launch the application at a later time to review and adjust actions taken if desired.
Features
Real-time protection
Microsoft Security Essentials uses real-time protection to help address potential threats before they become a problem. Alerts notify you when spyware, viruses, or other malicious software attempt to run or install on your PC, and suspicious files and programs are prevented from opening. Suspect processes are prevented from running if they exhibit characteristics consistent with malicious software. With real-time protection, Microsoft Security Essentials is less intrusive, provides better protection from constantly changing threats, and requires fewer full-system scans.
System scanning
Microsoft Security Essentials offers full-system scanning capabilities with both scheduled and on-demand scanning options to provide an extra level of confidence. Scheduled scans are turned on by default and configured to run weekly at 2 a.m. when the system is likely idle. There are three scanning options:
Quick scan. On by default, a quick scan rapidly checks the areas malware is most likely to infect, including programs running in memory, system files, and the registry.
Full scan. A full scan checks all files on the computer, the registry, and all currently running programs.
Custom scan. A custom scan allows you to scan only the areas you select.
You can choose when you want a scheduled scan to run, view the scan results before cleaning, or run a scan on demand. If a PC is not “awake” when the scan is scheduled to run, Microsoft Security Essentials will start the scan at the first opportunity once the PC is awake and idle.
Microsoft Security Essentials runs a quick scan as part of the setup experience to check whether the system is clean right from the start. In addition to scheduled and on-demand system scanning, Microsoft Security Essentials provides a Windows Shell extension that allows you to scan individual files at any time by right-clicking on the file either in Windows Explorer or on the desktop.
System cleaning
Microsoft Security Essentials automates the removal process by taking the recommended action for all items detected. By default, automated scans will remove Severe and High items, although you may change default actions in the Settings tab at any time.
When Microsoft Security Essentials determines a possible threat on your machine, alerts notify you of the threat. Threats are categorized as Severe, High, Medium, or Low, and you can choose whether to ignore, quarantine or remove the item from the system:
Quarantine. Microsoft Security Essentials blocks less severe threats and moves them to a quarantined queue where you can elect to restore or permanently delete them. By placing an item in quarantine, you can test the effect of the item’s removal before deleting it from the system.
Remove. This action permanently deletes the item from the system.
Allow. This action will stop Microsoft Security Essentials from detecting the item in future scans by adding it to the Allowed Items list. You can remove items from the Allowed Items list at any time.
Windows Firewall integration
Having an active firewall is part of securing the computing experience. As part of setup, Microsoft Security Essentials scans the PC to determine if a firewall is active on the PC. If no firewall protection is present, you will be given the option to turn on Windows Firewall.
Live system behavior monitoring
Microsoft Security Essentials employs a definitions database of the characteristics and behaviors for known malware. Live system behavior monitoring uses sensors to detect suspicious process, file registry, and kernel operations to help identify new threats. New sensors can be added with each monthly update. Generics and heuristics rule-sets based on emulated behavior through our Dynamic Translation technology enable a single signature to detect thousands of variants. Threats are collected every month from more than 600 million PCs around the world and are assessed by the Microsoft Security Response Center. New signatures are written and deployed multiple times per day so that they are available for use when needed.
Dynamic signature service
With the release of Microsoft Security Essentials in September 2009, Microsoft introduced the dynamic signature service, a new approach to providing the most up-to-date protection for the PC without having to wait for the next signature download. In addition to validating suspicious files against the set of signatures that are downloaded daily, Microsoft Security Essentials contains additional technology to monitor for new and emerging malware and check for signature updates in near-real time.
A new class of heuristic signatures leverages Microsoft dynamic translation technology to emulate the behavior of a program before it runs. Microsoft Security Essentials uses these signatures to look for signs of suspicious behavior and characteristics that are similar to known malware and other abnormal operations. It then queries the dynamic signature service to see if the program should be submitted for analysis or terminated. After a process starts, Microsoft Security Essentials also monitors the file, registry, network, and kernel mode actions taken by unknown programs for suspicious behavior. Actions such as initiating unexpected network connections, attempting to modify privileged parts of the system, or downloading known malicious content trigger requests for updates from the dynamic signature service.
Find information, definition updates, and analyses of all the latest threats that Microsoft Security Essentials can help protect you against in the Microsoft Malware Protection Center.
Rootkit protection
Rootkits are a particularly difficult type of malware to protect against, and Microsoft Security Essentials includes a number of new and improved technologies to address rootkits and other aggressive threats. These technologies include:
Live kernel behavior monitoring, which sends telemetry and update requests to the Dynamic Signature Service whenever the computer’s kernel has been attacked or modified by a new rootkit that is not yet detected with traditional signatures.
Improved anti-stealth functionality—with support for direct file system parsing as part of quick and full scans—which enables the identification and removal of malicious programs and drivers hidden from the file system by a rootkit.
Improved live rootkit removal through dynamic loading of a new kernel mode driver, enabling Microsoft Security Essentials to take the aggressive actions required to successfully remove some of the more advanced rootkits.
Protection against false positives
Microsoft sets a very high, industry-recognized bar for the quality of its definition updates. We maintain a significant database that is kept up to date with the most popular websites and application downloads on the Internet. All updates and engine releases are put through extensive “incorrect” detection and application compatibility tests before release to help ensure they do not mistakenly identify valid software as malicious.
Microsoft Security Essentials also uses the Microsoft telemetry service to monitor the quality of definition updates released to customers. Telemetry is sent to Microsoft on files detected and removed by Microsoft Security Essentials in real time and used to identify abnormal patterns and assess the potential impact of an incorrect or misbehaving signature. In the rare event of an incorrect detection on your PC, the Dynamic Signature Service fixes the signature in real time and to keep you from being impacted.
Network inspection system
The latest version of Microsoft Security Essentials includes a new feature called the network inspection system. The network inspection system provides protection against network-based exploits such as the Conficker (MS09-67) and other exploits that take advantage of network vulnerabilities to infect PCs. The network inspection system in Microsoft Security Essentials also:
Scans traffic on networks to which the PC is connected and proactively mitigates known attacks. No action is required by the consumer or small business.
Automatically blocks traffic with an identified exploit attempt.
Requires the Windows Filtering Platform (WFP) available in Windows Vista and Windows 7. The network inspection system feature will not be enabled on Windows XP.
System Requirements:
Operating System: Windows XP Service Pack 3 (SP3)*; Windows Vista (Service Pack 1, or Service Pack 2)*; Windows 7*
For Windows XP, a PC with a CPU clock speed of 500 MHz or higher, and 256 MB RAM or higher.
For Windows Vista and Windows 7, a PC with a CPU clock speed of 1.0 GHz or higher, and 1 GB RAM or higher.
VGA display of 800 × 600 or higher.
200 MB of available hard disk space.
Internet Browser:
Windows Internet Explorer 6.0 or later.
Mozilla Firefox 2.0 or later.
