Chippiewill
17-01-2013, 06:13 PM
, Redmond challenges results
Microsoft's popular Security Essentials anti-virus software has failed to gain the latest certificate from the AV-TEST institute. In antimalware testing against a range of products, AV-TEST failed to certify AhnLab V3 Internet Security 8.0, Microsoft Security Essentials 4.1, and PC Tools Internet Security 2012 out of a total of 25 different vendors. Microsoft's own anti-virus software failed to adequately protect against 0-day malware attacks, scoring an average of 71 percent vs. the industry average of 92 percent.
Microsoft says it has conducted a "rigorous review of the results" and has found that 0.0033 percent of Microsoft Security Essentials users were impacted by the malware samples not detected during the tests. Microsoft appears to challenge the results and anti-virus testing in general, claiming that it's "difficult for independent antimalware testing organizations to devise tests that are consistent with the real-world conditions." The software maker says it prioritizes customer impact, but that 94 percent of the 28 missed 0-day samples "don't represent what our customers encounter." Nevertheless, Microsoft says it's "committed to reducing" the 0.0033 percentage impact rate to zero.
http://www.theverge.com/2013/1/17/3885962/microsoft-security-essentials-fails-anti-virus-certification-test
Article and Microsoft bring up a brilliant point, heuristics are fairly pointless as they're always going to get false positives. Microsoft as a company have taken up a brilliant system of adding 0 day exploits to their definitions fast whilst the others lag behind. In reality encountering a true zero day exploit is unlikely so it even seems obvious to do this rather than using heuristics as a stop gap.
Microsoft's popular Security Essentials anti-virus software has failed to gain the latest certificate from the AV-TEST institute. In antimalware testing against a range of products, AV-TEST failed to certify AhnLab V3 Internet Security 8.0, Microsoft Security Essentials 4.1, and PC Tools Internet Security 2012 out of a total of 25 different vendors. Microsoft's own anti-virus software failed to adequately protect against 0-day malware attacks, scoring an average of 71 percent vs. the industry average of 92 percent.
Microsoft says it has conducted a "rigorous review of the results" and has found that 0.0033 percent of Microsoft Security Essentials users were impacted by the malware samples not detected during the tests. Microsoft appears to challenge the results and anti-virus testing in general, claiming that it's "difficult for independent antimalware testing organizations to devise tests that are consistent with the real-world conditions." The software maker says it prioritizes customer impact, but that 94 percent of the 28 missed 0-day samples "don't represent what our customers encounter." Nevertheless, Microsoft says it's "committed to reducing" the 0.0033 percentage impact rate to zero.
http://www.theverge.com/2013/1/17/3885962/microsoft-security-essentials-fails-anti-virus-certification-test
Article and Microsoft bring up a brilliant point, heuristics are fairly pointless as they're always going to get false positives. Microsoft as a company have taken up a brilliant system of adding 0 day exploits to their definitions fast whilst the others lag behind. In reality encountering a true zero day exploit is unlikely so it even seems obvious to do this rather than using heuristics as a stop gap.