Microsoft Security Essentials loses AV-TEST certification
German lab downgrades Redmond after zero-day detection rates slide
Microsoft Security Essentials, Redmond’s free antivirus tool for home users and businesses with up to ten PCs, can detect just 64 per cent of zero-day threats when running under Windows 7.
That low detection rate has cost it the AV-TEST Institute’s seal of approval, a certification it hands out to products that meet 11 of the 18 criteria it assesses. Those criteria consider how effective software is at detecting and blocking threats, repair of infected systems and overall usability including “average slowing down of the computer when the software is used on a daily basis, false positives during a system scan and the display of false warnings or the blocking of certain actions during the installation and during the use of known good software.”
The Institute conducts tests bi-monthly and lists longitudinal data on software products’ performance.
During October the Institute rated Security Essentials 4.0 and 4.1 at just 1.5 out of 6 in terms of its ability to protect a PC, thanks largely to the 64 per cent zero-day detection rate being well below the industry average of 89 per cent.
Security Essentials has lost AV-TEST’s seal before, with its September 2010 test failing to meet the lab’s criteria. It is the only one of 24 AV products for Windows 7 without the certification. Four products missed out for Windows Vista and two for Windows XP. Windows 8 AV tools are yet to go under the microscope and Microsoft is absent from AV-TEST's list of vendors thanks to the new OS' integrated protection software.
While tests like these have no official standing, a look at AV-TEST’s longitudinal analysis of Security Essentials shows it has consistently struggled to perform well in its malware detection and blocking tests.
Another security software testing organisation, Virus Bulletin, says Security Essentials’ performance is sufficient to justify its VB100 rating, which can only be attained by software that “prove[s] it can detect 100% of malware samples listed as 'In the Wild' by the WildList Organization” without generating any false positives.
It's free, it's not resource hungry, it's like any other AV product, it's a defense not an airtight seal of security.
There are always alternatives waiting to take your money off you....Feel free to use them...
Re: Do you mean
Of course not. AV packages are just applications. MACs have to be enforced by the OS (preferably - with hardware support), or they are useless. In addition, MACs enforce confidentiality, while malware tends to be an integrity problem. While a typical MAC system is very robust for protecting higher-classified information from being leaked to lower-ranked users, the integrity problems that the lower-ranked users have tend to move (i.e., infect) the higher-ranked ones even faster than on a typical DAC (discretionary access control) system, where the disaster happens only after the virus manages to infect a high-ranked user.
No, I was talking about much simpler things. Behavior blocking ("why does Excel.exe suddenly want to open cmd.exe for writing?!"), integrity checking ("why the heck did the master boot record change?!"), heuristic analysis (dynamic like in "let's run this program in a sandbox and see if it does anything naughty" or static like "does the structure of this executable file suggest that it is obfuscated and tries to do something naughty when executed?").
I am not sure what you meant with your remark about open source. The only open source AV I know of is pure crap and is clearly made by people who don't have the slightest clue how to design a proper AV product. Or if you meant that I don't really know how AV products work, since I haven't seen their source, then I suggest that you google my name. Trust me, I *have* seen them from the inside and *know* how they work.
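The integrity-checking idea mentioned in the comment above ("why the heck did the master boot record change?!"), as an added example that is not part of the original comment or of any AV product's code. It assumes the common 512-byte MBR layout (boot code, disk signature, partition table, 0x55AA marker); the function names and the sample sector are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
# Common MBR layout: byte ranges hashed separately so a change can be attributed.
REGIONS = {
    "boot_code": (0, 440),
    "disk_signature": (440, 446),
    "partition_table": (446, 510),
}

def fingerprint(sector: bytes) -> dict:
    """Return a SHA-256 digest per MBR region (this is the stored baseline)."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected a 512-byte sector")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")
    return {name: hashlib.sha256(sector[a:b]).hexdigest()
            for name, (a, b) in REGIONS.items()}

def changed_regions(baseline: dict, sector: bytes) -> list:
    """Names of the regions whose digest no longer matches the baseline."""
    current = fingerprint(sector)
    return [name for name in REGIONS if current[name] != baseline[name]]

def verdict(changes: list) -> str:
    """Boot code should not change silently; table edits occur when repartitioning."""
    if "boot_code" in changes:
        return "alert"
    return "review" if changes else "ok"

def build_sample_mbr(boot_code: bytes, first_lba: int = 2048) -> bytes:
    """Constructed sample sector for the demo (not read from a real disk)."""
    code = boot_code.ljust(440, b"\x00")
    disk_sig = struct.pack("<IH", 0x1234ABCD, 0)
    # One partition entry: status, CHS start, type, CHS end, LBA start, sector count
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3,
                        first_lba, 204800)
    return code + disk_sig + entry + b"\x00" * 48 + b"\x55\xaa"

if __name__ == "__main__":
    baseline = fingerprint(build_sample_mbr(b"\xfa\x33\xc0"))
    for label, sector in [("unchanged", build_sample_mbr(b"\xfa\x33\xc0")),
                          ("new boot code", build_sample_mbr(b"\xeb\xfe")),
                          ("repartitioned", build_sample_mbr(b"\xfa\x33\xc0", 4096))]:
        changes = changed_regions(baseline, sector)
        print(f"{label}: {verdict(changes)} {changes}")
```

Hashing the regions separately lets the checker tell a rewritten boot loader from an ordinary partition-table edit, which a single whole-sector hash cannot do.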
Re: What do you expect for free?
Given the number of no-name free scanners with a better detection rate, I expect a better detection rate from a name like "Microsoft".