Feeds

Win 2000 anti-virus products fail independent tests

Polymorphic virus fools mediocre security packages

Securing Web Applications Made Simple and Scalable

Many big-name anti-virus products failed to secure Windows 2000 in recent independent tests.

Seventeen out of 32 products tested - including packages from Trend Micro, Kaspersky, Norman and Sophos - failed to reach the standard required for VB100 certification. A total of 13 products failed to spot threats known to be circulating. False alarms on known clean files also came up as a problem during the testing, which was run by Virus Bulletin, the independent security certification body.

To earn VB100 certification, products must be able to detect all of the viruses contained in the WildList test set (a list of malware known to be in circulation) without generating any false alarms when scanning clean files.

It's a tough challenge but normally only a handful of submitted products fail VB100 certification. The latest round of testing produced the worst results in years.

The main cause of the string of failures was a particularly nasty polymorphic virus, a form of malware with self-modifying program code specifically designed to defeat anti-virus packages.

"Polymorphic malware went out of fashion for some time but has recently become popular with malware writers once more, both in self-morphing viruses and in Trojans morphed at the server side before delivery," explained John Hawes, technical consultant at Virus Bulletin (VB).

Detecting morphing malware may be tricky, but it's an insufficient excuse for the poor results in the tests. VB called on the industry to "pull up its socks". "It was a shock and a concern to see such a poor performance from so many products in this latest round of testing. It is particularly disappointing to see so many major products missing significant real-world threats," Hawes added. "In these days of hourly updates computer users really ought to be able to rely on their chosen security vendors for full protection against known threats."

Unlike other certification schemes, Virus Bulletin tests all products free of charge and does not allow re-testing - performances are reported exactly as they are found. Security vendors volunteer their products for testing. Virus Bulletin's comparative reviews also cover other performance aspects including detection rates against a selection of zoo viruses, scanning speeds and performance overheads.

The results of the VB100 certification of products for Windows 2000 can be found here (free registration required).

Now, if you'll excuse me, I'm off to download a copy of Ubuntu Linux. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.