Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's Vista AV Fails Certification

Posted by kdawson on from the black-eye dept.

An anonymous reader writes "Microsoft's much-hyped anti-virus solution, Live OneCare and three other Vista AV products failed to achieve the Virus Bulletin's VB100 certification. The other products are McAfee's VirusScan Enterprise, G DATA's AntiVirusKit 2007, and Norman's VirusControl. All failed to pass a series of tests that are required to display the VB100 badge. 'With the number of delays that we've seen in Vista's release, there's no excuse for security vendors not to have got their products right by now,' said John Hawes, technical consultant at Virus Bulletin."

9 of 161 comments (clear)

  1. Re:excuses... by ThinkFr33ly · · Score: 5, Informative

    Actually, the details on implementing anti-virus for Vista, and other low level filters, have been available for well over a year. Some documentation has been avilable for more than 2 years.

    That's how companies like Kaspersky and AVG came out with fully Vista compliant versions of their software months ago. Software which works extremely well, by the way. (Kaspersky passed this test. It says so right in the article.)

  2. Great Sales Pitch by Zonnald · · Score: 3, Informative
    Tried to follow the links to the report to see what the fuss was about. First I was told I had to register for Free. I did that then clicked on the report - only to be told I had to subscribe. Not going to happen.

    For obvious reasons I will leave it to the reader to decide if they want to go and have a look, no links will be provided.

  3. Re:Hate to say it by Creepy+Crawler · · Score: 3, Informative

    ---I hate to say it, but Microsoft were right for once in their earlier VISTA policy of locking down the practice of hooking into the kernel.

    Locking down along with no source code is simply security by obscurity. There WILL be bugs found, and those bugs will have kernel rights. Do you think that is good? Guess what, I dont.

    Vista will only reassure that bug releasers should not publish bugs, but rather sit on them. BTW, how do you clean out a kernel-infected Windows machine?

    ---It's that feature in XP that allows malware to flourish.

    Is there an executable preventer on Linux? Nosiree, there's nothing preventing a user from affecting his own dataspace. What do you think is bad: Trashing the whole system, or trashing your ~ ? A system can be reinstalled, but most people dont back up their data.

    Now, why dont Linux malwares work? They do, if the user lets them. It's just that much harder to make a program run from a browser window or from bad servers on various ports. Linux machines are usually more locked down to prevent evil stuff on the outside.

    --
  4. Re:Nothing to do with Vista by figleaf · · Score: 4, Informative

    Did you notice that report was created a company which sells its own anti-virus product?

  5. This is just one review... by Aryeh+Goretsky · · Score: 4, Informative

    Hello,

    I shared my thoughts on this over here on Neowin.Net's forums, so I really don't just want to do a cut-and-paste job and post what I wrote in verbatim here.

    This is one of the first of a series of comparisons to include Microsoft Windows Live OneCare that Virus Bulletin Magazine has been doing for many years. While I suspect it is more frustrating than embarrassing at this point for the team responsible for Microsoft's Windows Live OneCare, this is really Microsoft's first attempt at providing their own comprehensive anti-malware solution—MSAV, the product which shipped with DOS does not count, it was licensed from Central Point Software (who was later acquired by Symantec) who, in turn, had licensed the software from Carmel Software—and it is going to take some time and lots of signature release cycles in order to get their detection rate fine-tuned.

    I don't expect this first Virus Bulletin product comparison to be the last, and the question really isn't how Microsoft did this time: It is how their product does over the next year or two that matters. If it gets worse or stays the same, they are just another competitor in the space (albeit the one with the deepest products). If, however, their detection rate improves, it is going to make it just that much more difficult for their competitors to compete against them.

    As a disclaimer of sorts, I should mention that happen I work for one of the computer security companies that Microsoft competes against with this products, so this dicussion is far from academic for me. Frankly, though, I'm not expecting Microsoft's entry into this space to have any effect on my employer—we are good at what we do and have a very loyal customer base. Also, we tend to compete against other, similarly-sized companies in the field. What I do worry about, though, is how some of my friends and colleagues at the largest companies are going to handle Microsoft's entrance as they are going to be competing head-to-head against Microsoft for marketshare.


    Regards,

    Aryeh Goretsky

    --
    Dexter is a good dog.
  6. Strange... by Critical_ · · Score: 4, Informative

    Has anyone bothered to do some fact/typo checking before posting this stuff?

    Microsoft's offering was one of four suites which failed to detect all malware. The others were G-Data AntiVirusKit 2007 v.17.0.6353, McAfee VirusScan Enterprise 8.1i and Norman Virus Control 5.90.

    See, I run McAfee VirusScan Enterprise on Desktops and Servers here without problems. The latest version in the 8.0 line is 8.0i patch 15. The Vista-compatible version is 8.5i which also works on Windows XP. There is no version 8.1i that I know of. Obviously this doesn't change the message that McAfee didn't earn the seal but I've never had problems with the VirusScan Enterprise line. To be frank, I've never encountered a single infection or uncontrolled virus problem on our network.

    Plus, who honestly uses just *one* virus scanner on the perimeter of their Microsoft Server-system based network? I certainly don't. For example, Exchange 2003 server on the perimeter runs software from GFI which has three separate virus scanning engines. This coupled with application executable hash-based protection offered in BlackICE takes care of the rest of the problems at the desktop/server level. It's the price we pay for using MS software.

  7. Re:*What* VirusControl? by DeeZee · · Score: 5, Informative

    Norman was founded in 1984, well before Peter Norton made an antivirus utility.

    Thanks for playing, though!

  8. Re:A very good excuse... by BlackRookSix · · Score: 3, Informative

    Wrong. I was in an AV company for a while, and this is like the Oscars to them. Everything rides on their reputation, and this rating (along with The Pundits Choice Awards: Garner reports) can make or break a small company trying to break into corporate clients. Their sales people now face a HUGE uphill battle that they may never surmount, even if they make the VB100 next test phase.

  9. Re:I wonder how a Free anti-virus program would do by aztracker1 · · Score: 3, Informative

    There is no resident/active file scanning with ClamAV, at least not from the clamav/clamwin developers afaik.

    --
    Michael J. Ryan - tracker1.info