Home | Explore Windows |

Privacy Policy

Microsoft Security Essentials Privacy Statement

Last updated: February 2012

Microsoft is committed to protecting your privacy while delivering products that bring you the performance, power, and convenience you desire in your personal computing. This privacy statement explains many of the data collection and use practices of Microsoft Security Essentials. It doesn't apply to other online or offline Microsoft sites, products, or services.

Microsoft Security Essentials helps protect your PC from malicious software (malware) such as viruses, spyware, and other potentially harmful software.

It offers three ways to help protect your PC from malware and other potentially unwanted software:

Real-time protection. Microsoft Security Essentials alerts you when malware, spyware, or potentially unwanted software attempts to install or run on your PC. It also alerts you when programs attempt to change important Windows settings.
Scanning options. You can use Microsoft Security Essentials to scan for threats, viruses, spyware, and other potentially unwanted software that might be installed on your PC, to schedule scans on a regular basis, and to automatically remove any malicious software that is detected during a scan.
Detection. Should malicious software be detected on your computer, certain actions will automatically be taken to remove the malicious software and protect your computer from potential further infection. Once the malicious software is removed, Microsoft Security Essentials may also reset some Windows settings (such as your home page and search provider).

Collection and use of your personal information

When we need information that personally identifies you or allows us to contact you, we will explicitly ask you for it. In the case of Microsoft Active Protection Service (MAPS), by accepting this privacy statement, you agree to send reports to Microsoft (see below). The personal information that we collect from you will be used by Microsoft and its controlled subsidiaries and affiliates to provide the service(s) or carry out the transaction(s) you have requested or authorized, and it may also be used to request additional information on feedback that you provide about the product or service that you're using; to provide critical updates and notifications regarding the pre-release software; or to improve the product or service (for example, bug and survey form inquiries).

Except as described in this statement, personal information you provide won't be transferred to third parties without your consent. We occasionally hire other companies to provide limited services on our behalf, such as answering customer questions about products or services, or performing statistical analysis of our services. We will only provide those companies the personal information they need to deliver the service, and they are prohibited from using that information for any other purpose.

Microsoft may access or disclose information about you, including the content of your communications, in order to: (a) comply with the law or respond to lawful requests or legal process; (b) protect the rights or property of Microsoft or our customers, including the enforcement of our agreements or policies governing your use of the services; or (c) act on a good faith belief that such access or disclosure is necessary to protect the personal safety of Microsoft employees, customers, or the public. We may also disclose personal information as part of a corporate transaction such as a merger or sale of assets.

Collection and use of information about your computer

This software contains Internet enabled features that collect certain standard information from your computer ("standard computer information") and send it to Microsoft. Standard computer information includes certain information about your computer software and hardware, such as your IP address, operating system, web browser software, and version. The privacy details for each Microsoft Security Essentials feature listed in this privacy statement disclose what additional information is collected and how it is used.

Information that is collected by or sent to Microsoft may be stored and processed in the United States or any other country in which Microsoft or its affiliates, subsidiaries, or service providers maintain facilities. Microsoft abides by the safe harbor framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of data from the European Union, the European Economic Area, and Switzerland.

Recommended settings in Microsoft Security Essentials

If you choose the recommended settings during setup, Microsoft Security Essentials real-time protection will be enabled and automatic scanning will occur weekly at 2:00 A.M. on Sunday.

Security of your information

Microsoft is committed to protecting the security of your information. We use a variety of security technologies and procedures to help protect your information from unauthorized access, use, or disclosure.

For more information

Microsoft welcomes your comments regarding this privacy statement. If you have questions about this statement or believe that we haven't adhered to it, please contact us by using our web form. If you have a technical or general support question, please visit http://support.microsoft.com to learn more about Microsoft Support offerings.

Microsoft Privacy, Microsoft Corporation, One Microsoft Way, Redmond, Washington 98052 USA · 425-882-8080

Specific features

History

What this feature does: This feature provides a list of all malware or suspected malware that Microsoft Security Essentials detected on your PC and the actions that were taken when these programs were detected. The information displayed in the History tab is for items detected for all users - not per user.

Information collected, processed, or transmitted: A list of all malware or suspected malware that Microsoft Security Essentials detected on your computer and the actions taken on these items are stored on your computer. These lists include Microsoft Security Essentials activity for all the local users on the computer. The lists are sent to Microsoft as part of your basic membership in MAPS.

Choice and control: History lists may be deleted by the local computer administrator. By default, all items are displayed for all users. To allow only the local computer administrator to view all items, in the Settings tab, select the Advanced tab and clear the option "Allow all users to view the full History results."

Microsoft Update

What this feature does: Microsoft Security Essentials turns on automatic updating from Windows Update and Microsoft Update to help keep your computer current with updates to Windows and other Microsoft software. This means any software using Windows and Microsoft Update will be impacted by this change. Microsoft Update is essential to providing you with the latest malware threat definition updates for Microsoft Security Essentials.

Information collected, processed, or transmitted: For more information about Windows Update and Microsoft Update, see the Update Services Privacy Statement at http://go.microsoft.com/fwlink?LinkID=76234.

Choice and control: Windows Update and Microsoft Update are turned on by default in order to provide you with the current software and virus signature updates. If you would like to later turn updates off, you can do so through Windows settings. To learn how, see the Update Services Privacy Statement at http://go.microsoft.com/fwlink?LinkID=76234.

Automatic scanning for malware

What this feature does: Microsoft Security Essentials includes an automatic scanning feature, which scans your computer and alerts you if it detects malware. You can turn automatic scanning on or off and change the frequency and type of scans using the Microsoft Security Essentials Settings tab. You can also choose which actions are automatically applied to software that Microsoft Security Essentials detects during a scheduled scan. For severe/high threats, certain actions will automatically be taken by default to remove the malicious software and protect your computer from potential further infection. Once the malicious software is removed, Microsoft Security Essentials may also reset some Windows settings (such as your home page and search provider). For low/medium threats, we will prompt you to take an action. To modify the actions taken in response to these threats, see the Choice and Control section below.

Choice and control: While not recommended, you can turn off automatic scanning using the Microsoft Security Essentials Settings tab. You can also configure the actions taken for each level of threats in the "Settings" panel of Microsoft Security Essentials.

Real-time protection

What this feature does: Microsoft Security Essentials' real-time protection feature alerts you when viruses, spyware and other potentially unwanted software attempts to install itself or run on your PC. For severe/high threats, certain actions will automatically be taken by default to remove the malicious software and protect your computer from potential further infection. Once the malicious software is removed, Microsoft Security Essentials may also reset some Windows settings (such as your home page and search provider). For low/medium threats, we will prompt you to take an action. To modify the actions taken in response to these threats, see the Choice and Control section below.

Choice and control: While not recommended, you can turn off real-time protection using the Microsoft Security Essentials Settings tab. You can also configure the actions taken for each level of threats in the "Settings" panel of Microsoft Security Essentials.

Shell extension

What this feature does: Shell extension is a scanning tool, which lets you select specific files and/or folders and scan them using Microsoft Security Essentials.

Information collected, processed, or transmitted: A list of all malware or suspected malware that Microsoft Security Essentials detected on your computer and the actions taken on these items are stored on your computer. These lists include Microsoft Security Essentials activity for all the local users on the computer. These lists are sent to Microsoft as part of your basic membership in MAPS.

Choice and control: The shell extension feature is a manual tool that you can choose to use or not.

Microsoft Active Protection Service (MAPS)

What this feature does: The Microsoft Active Protection Service (MAPS) antimalware community is a voluntary, worldwide community that includes Microsoft Security Essentials users. If Microsoft Security Essentials is turned on, MAPS can report malware and other forms of potentially unwanted software to Microsoft. If a MAPS report includes details about malware or potentially unwanted software that Microsoft Security Essentials may be able to remove, MAPS will download the latest signature to address it. MAPS can also find "false positives" (where something originally identified as malware turns out not to be) and fix them.

Information collected, processed, or transmitted: This feature sends reports about malware and potentially unwanted software to Microsoft. These reports include information about the files or apps in question, such as file names, cryptographic hash, vendor, size, and date stamps. In addition, MAPS might collect full URLs to indicate the origin of the file, which might occasionally contain personal information such as search terms or data entered in forms. Reports might also include the actions that you applied when Microsoft Security Essentials notified you that software was detected. MAPS reports include this information to help Microsoft gauge the effectiveness of Microsoft Security Essentials' ability to detect and remove malware and potentially unwanted software.

If Microsoft Security Essentials and MAPS are both enabled on your PC, MAPS reports will be automatically sent to Microsoft when:

Microsoft Security Essentials detects software or changes to your PC by software that hasn’t been analyzed for risks yet.
Microsoft Security Essentials applies actions to malware (as part of its automatic remediation) upon detection.
Microsoft Security Essentials completes a scheduled scan and automatically applies actions to software that it detects, according to your settings.

If MAPS reports new malware to Microsoft that Microsoft Security Essentials can remove, new signatures will be automatically downloaded to your computer, helping to protect your machine more rapidly from potential threats.

You can join MAPS with a basic or an advanced membership. If you choose to enable MAPS (for example, when you choose the settings in Microsoft Security Essentials Setup), you join with a basic membership. Basic member reports contain the information described in this section. Advanced member reports are more comprehensive and might occasionally contain personal information from, for example, file paths and partial memory dumps. These reports, along with reports from other Microsoft Security Essentials users who are participating in MAPS, help our researchers discover new threats more rapidly. Malware definitions are then created for apps that meet the analysis criteria, and the updated definitions are made available to all users through Windows Update.

If you join MAPS with a basic or an advanced membership, Microsoft might request a sample submission report. This report contains specific files from your PC that Microsoft suspects might be potentially unwanted software. The report is used for further analysis. You will be asked each time if you want to send this sample submission report to Microsoft.

To help protect your privacy, reports that are sent to Microsoft are encrypted.

Use of information: MAPS reports are used to improve Microsoft software and services. The reports might also be used for statistical or other testing or analytical purposes, and for generating definitions. Only Microsoft employees, contractors, partners, and vendors who have a business need to use the reports are provided access to them. MAPS does not intentionally collect personal information. To the extent that MAPS collects any personal information, Microsoft does not use the information to identify you or contact you.

Choice and control: You may choose your MAPS membership—basic or advanced—or settings while installing Microsoft Security Essentials. After installation, you can change your MAPS membership or settings at any time by using the Tools menu in Microsoft Security Essentials in the desktop Control Panel. Please note that MAPS only operates if Microsoft Security Essentials has been enabled on your computer.

Microsoft Security Essentials error reporting

What this feature does: Microsoft Security Essentials also collects and reports on errors that occur in the software.

Error reports include information about problems that occur in the Microsoft Security Essentials software.

Information collected, processed, or transmitted: Error reports might unintentionally contain personal information. For example, reports might contain the names of folders on your computer that could include the name of your Windows user account. Microsoft doesn't use this information to identify you or contact you. To learn more about error reports, see http://go.microsoft.com/fwlink/?LinkId=56274.

Use of information: Error reports help Microsoft keep this software in good working condition so that we can help protect your computer against potential threats.

Choice and control: This feature is on by default, and error reports are automatically sent to Microsoft.

You can disable the automatic reporting of errors that may contain the names of folders on your computer by creating:

a registry value named "DisableGenericReports" with any type or value under "HKLM\Software\Microsoft\Microsoft Security Essentials"
a registry REG_DWORD value named "DisableGenericReports" with value ‘1’ under "HKLM\Software\Microsoft\Microsoft Antimalware\Reporting"

NOTE: By making this registry change, it will be applied to only Microsoft Security Essentials and not impact other products or services using Error Reporting.

CAUTION: Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on the computer. You can also use the “Last Known Good Configuration” startup option if you encounter problems after manual changes have been applied.

Customer Experience Improvement Program

What This Feature Does: The Customer Experience Improvement Program (“CEIP”) collects basic information about your hardware configuration and how you use our software and services in order to identify trends and usage patterns. CEIP also collects the type and number of errors you encounter, software and hardware performance, and the speed of services. We won't collect your name, address, or other contact information.

Information Collected, Processed, or Transmitted: For more information about the information collected, processed, or transmitted by CEIP, see the CEIP privacy statement at http://go.microsoft.com/fwlink/?LinkID=52097.

Use of Information: We use this information to improve the quality, reliability, and performance of Microsoft software and services.

Choice/Control: CEIP is off by default.
You're offered the opportunity to participate in CEIP during setup.
If you choose to participate and later change your mind, you can turn off CEIP at any time by:
Using the CEIP Opt-out run-time dialog. From the Help menu, open the link named “Customer Experience Improvement Program” and check the ‘Don’t Join’ radio button.

Was this helpful?

Thank you.

Do you want to add anything else?

Thank you. Your feedback helps us to continually improve our content.

Meet Windows 7

Using Windows

Shop

Products

Info for