Top vendors flunk Vista anti-virus tests
Security vendors including CA and Symantec failed to secure Windows systems without fault in recent independent tests.
Twelve of the 35 anti-virus products put through their paces by independent security certification body Virus Bulletin failed to make the grade for one reason or another and therefore failed to achieve the VB100 certification standard.
The main faults were either a failure to detect a threat known to be in circulation (one particularly tricky polymorphic file infector caused the most grief in this area) or creating a false alarm about a file known to be benign.
Virus Bulletin's VB100 tests benchmarks the performance of a vendor submitted anti-virus product against a set of malware from the WildList, a list of viruses known to be circulating. To gain VB100 certification, a security product must correctly detect all of these malware strains without blowing the whistle when scanning a batch of clean files. Vendors only get one run at passing the tests, which are conducted free of charge to security software manufacturers.
Most, but not all, of the main vendors submits products for testing. Trend Micro - which has expressed reservations about Virus Bulletin's testing methodology - is a notable dissident.
The results of the August 2009 VB100 review can be seen here (free registration required).
John Hawes, anti-malware test director at Virus Bulletin, said its biggest problem in running its most recent tests were crashes and system slowdowns.
"Many of the products in this test did prove stable, speedy and well behaved, but many others had issues far too serious to be classed as mere quirks and oddities," he said. "We experienced a large number of freezes, crashes and hangs, not just of the product interfaces or of specific scans but in many cases seeing the whole machine shutting down."
Virus Bulletin recently began assessing the reactive and proactive detection abilities of anti-virus products alongside the long-established VB100 tests. The new tests are a reflection that the malware landscape has changed radically over recent years, with greater malware volumes and targeted attacks.
Microsoft's new Forefront security scanner came out well in these proactive categories, a factor Hawes attributed to the effort Microsoft has thrown into improving the performance of its technology over recent months.
Hawes added that overall performance of security products in proactively detecting malware was "disappointingly low" in several cases (see chart here).
"We saw some particularly poor detection of emerging threats and the products in question have a lot of work to do if they are to provide acceptable protection for their customers," he said. ®
@James O'Brien -logic?
"James O'Brien Posted Thursday 6th August 2009 21:40 GMT
I would if I were you :) Been happily running Vista 64 for 2.5 years now without AV and loving it....and no I havent gotten a virus."
Errm, if you haven't used any form of AV how do you know you've never gotten a virus? to the best of my knowledge they don't pop up and tell you they have arrived.
I do appreciate where you're comming from in that I dont doubt many of the bloody things trigger false postives etc but unless you've never connected it to any form of network and never inserted any usb/cd into it i'd probably want to do a scan once in a while, probably with that free version of avira that appears to have kicked the big boys to the curb. I never heard of them before, might check 'em out.
Just to check, Virus Bulletin isn't linked in any shape or form to any AV vendor right? totally independent and verified so?
You know and I know that just being near an internet means that hackers can WirelessFi into your computer's hard drive and risk smashing its windows.
It's absolutely nothing to do with the user going to disreputable sites and being curious about these emails he keeps receiving about breast augmentation. It's all about the hackers implanting trojan virusses and flash Javas on your system.
"I'm somewhat disappointed that Avast didn't opt to be in the trials."
Maybe I'm missing something here, but...
Alwil is on the chart at <http://www.virusbtn.com/vb100/RAP/RAP-quadrant-Feb-Aug09.jpg> occupying nearly the same spot as Sophos, hmm...
Although I didn't play the virusbtn.com annoying registration game <http://www.virusbtn.com/vb100/archive/2009/08> so I don't know what's on that other page.