Which makes you wonder about the quality of the products they develop 100% in-house.
In the case of the browsers, it "only" the bits they tampered with that's more insecure. For their own stuff, anti-virus, firewall and what not, they've "tampered" with the entire code base.
In my experience non-OSS security software is not worth having. There are some exceptions but they are exactly that, exceptions. More often then not by installing this garbage you are putting yourself in a worse position than not having it at all.
The (closed-source) security software Microsoft ships with modern Windows is quite good. I don't think OSS/non-OSS is the real dividing line, but rather motivation of the vendor is.
In the case of Microsoft, their motivation is to make Windows work better, in the case of OSS the motivation is often to scratch personal itches, both of these motivations trend towards positive results.
In the case of 3rd party security software vendors, their motivation is usually to upsell you from whatever version you are using to a higher level of "security", so it is in their best interest to go nuts with false positive reports (eg. finding some browser cookies in a scan, posting up such severe looking warnings that you'd think your system is rooted), bog your system down, etc.
Personally I think Microsoft wasted their money with their built-in security software, and should have just ignored it. In fact, they're wasting money pouring resources into security patches. They should just leave security holes wide open until they feel like getting around to fixing them, if ever.
Think about it: all this stuff is costing them money, and that reduces their profitability. What is it gaining them? Nothing.
Why? Simple: if customers get pissed off, what are they going to do, switch to Linux or Mac? Maybe a few, but the vast majority will just put up with it and gripe and complain. They're never going to leave Windows, so it would make sense for Microsoft to screw them over.
The only AV scanner I've found that is worthwhile is Malwarebytes. Honestly, my mothers friend had got Norton Antivirus, so I installed it and ran a scan. Found 3 bits of malware. Then installed Trend's AV scanner after uninstalling Norton - found 2 more malware. Ran Malwarebytes - found 45 and removed them!
I've lost weeks of my life to hacking around problems caused by antivirus software.
Oh, I got paid for the time, but which is more satisfying and looks better on my resume: "Hacked around antivirus bugs" or "Built a cool and awesome feature"? :-)
Here's my previous rant on the topic with specific details:
>Which makes you wonder about the quality of the products they develop 100% in-house.
You might be interested in reading up on tavis Ormandy and his adventures with Sophos antivirus. He was able to find several holes in sav with [allegedly] very little effort. Which was especially comical because they could be used to pwn Sophos' network firewall product which is used by enterprises.
In the case of the browsers, it "only" the bits they tampered with that's more insecure. For their own stuff, anti-virus, firewall and what not, they've "tampered" with the entire code base.