Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's Vista AV Fails Certification

Posted by kdawson on from the black-eye dept.

An anonymous reader writes "Microsoft's much-hyped anti-virus solution, Live OneCare and three other Vista AV products failed to achieve the Virus Bulletin's VB100 certification. The other products are McAfee's VirusScan Enterprise, G DATA's AntiVirusKit 2007, and Norman's VirusControl. All failed to pass a series of tests that are required to display the VB100 badge. 'With the number of delays that we've seen in Vista's release, there's no excuse for security vendors not to have got their products right by now,' said John Hawes, technical consultant at Virus Bulletin."

16 of 161 comments (clear)

  1. excuses... by solstice680 · · Score: 5, Interesting

    What about "We didn't have access to Vista's internals until two months ago?"

    That would be a good excuse for most security vendors...

    1. Re:excuses... by ThinkFr33ly · · Score: 5, Informative

      Actually, the details on implementing anti-virus for Vista, and other low level filters, have been available for well over a year. Some documentation has been avilable for more than 2 years.

      That's how companies like Kaspersky and AVG came out with fully Vista compliant versions of their software months ago. Software which works extremely well, by the way. (Kaspersky passed this test. It says so right in the article.)

  2. A very good excuse... by bhirsch · · Score: 4, Interesting

    A VB100 badge means little or nothing to these companies, much less their consumers.

  3. Nothing to do with Vista by ThinkFr33ly · · Score: 5, Interesting

    This has nothing to do with Vista, and everything to do with crappy anti-virus products. Neither OneCare or McAfee for XP have ever tested well, so why would anybody think that they would test well on Vista?

    If you read the entire article, you'll notice a little blurb at the end that several vendors passed the test, one of which was Kaspersky. Another excellent vendor for Vista is AVG.

    Kaspersky consistantly beats all the other major anti-virus vendors, but I guess the story wouldn't be quite as Slashdot-worthy if it ready "Kaspersky Anti-Virus on Vista Works Great!".

    1. Re:Nothing to do with Vista by figleaf · · Score: 4, Informative

      Did you notice that report was created a company which sells its own anti-virus product?

    2. Re:Nothing to do with Vista by zx-15 · · Score: 5, Funny

      Kaskpersky is certainly a very effective antivirus, a lot of security comes from using 100% of CPU when browsing network folders, thus preventing the user from downloading viruses.

  4. OH NO, NO VB100??!? by madsheep · · Score: 5, Funny

    I heard they also didn't earn the WTF200 or the LOL500. Based on failing to get the three of these certifcations and seeing how all three of them are as equally popular..this software will surely be going no where.

  5. *What* VirusControl? by SeaFox · · Score: 4, Insightful

    The other products are McAfee's VirusScan Enterprise, G DATA's AntiVirusKit 2007, and Norman's VirusControl.
    Norman's VirusControl. Yeah, that doesn't look like an attempt to market a product that deliberately sounds like a competitor...

    Now, if you're excuse me, I need to get back to setting up my Linkskey router...
    1. Re:*What* VirusControl? by DeeZee · · Score: 5, Informative

      Norman was founded in 1984, well before Peter Norton made an antivirus utility.

      Thanks for playing, though!

  6. Re:Remind me.... by wordsnyc · · Score: 5, Funny

    They rang the fucking bell days ago. Salivate, dammit.

    --
    Sent from the iPad I found in your car.
  7. No excuse, like no excuse... by djupedal · · Score: 4, Funny

    "With the number of delays that we've seen in Vista's release, there's no excuse for security vendors not to have got their products right by now..."

    Security vendors. They're all alike. They say they come to help...to save us from all things dark, but in their black hearts, they all want the same thing. They all want to RULE the earth!

  8. This is just one review... by Aryeh+Goretsky · · Score: 4, Informative

    Hello,

    I shared my thoughts on this over here on Neowin.Net's forums, so I really don't just want to do a cut-and-paste job and post what I wrote in verbatim here.

    This is one of the first of a series of comparisons to include Microsoft Windows Live OneCare that Virus Bulletin Magazine has been doing for many years. While I suspect it is more frustrating than embarrassing at this point for the team responsible for Microsoft's Windows Live OneCare, this is really Microsoft's first attempt at providing their own comprehensive anti-malware solution—MSAV, the product which shipped with DOS does not count, it was licensed from Central Point Software (who was later acquired by Symantec) who, in turn, had licensed the software from Carmel Software—and it is going to take some time and lots of signature release cycles in order to get their detection rate fine-tuned.

    I don't expect this first Virus Bulletin product comparison to be the last, and the question really isn't how Microsoft did this time: It is how their product does over the next year or two that matters. If it gets worse or stays the same, they are just another competitor in the space (albeit the one with the deepest products). If, however, their detection rate improves, it is going to make it just that much more difficult for their competitors to compete against them.

    As a disclaimer of sorts, I should mention that happen I work for one of the computer security companies that Microsoft competes against with this products, so this dicussion is far from academic for me. Frankly, though, I'm not expecting Microsoft's entry into this space to have any effect on my employer—we are good at what we do and have a very loyal customer base. Also, we tend to compete against other, similarly-sized companies in the field. What I do worry about, though, is how some of my friends and colleagues at the largest companies are going to handle Microsoft's entrance as they are going to be competing head-to-head against Microsoft for marketshare.


    Regards,

    Aryeh Goretsky

    --
    Dexter is a good dog.
  9. Strange... by Critical_ · · Score: 4, Informative

    Has anyone bothered to do some fact/typo checking before posting this stuff?

    Microsoft's offering was one of four suites which failed to detect all malware. The others were G-Data AntiVirusKit 2007 v.17.0.6353, McAfee VirusScan Enterprise 8.1i and Norman Virus Control 5.90.

    See, I run McAfee VirusScan Enterprise on Desktops and Servers here without problems. The latest version in the 8.0 line is 8.0i patch 15. The Vista-compatible version is 8.5i which also works on Windows XP. There is no version 8.1i that I know of. Obviously this doesn't change the message that McAfee didn't earn the seal but I've never had problems with the VirusScan Enterprise line. To be frank, I've never encountered a single infection or uncontrolled virus problem on our network.

    Plus, who honestly uses just *one* virus scanner on the perimeter of their Microsoft Server-system based network? I certainly don't. For example, Exchange 2003 server on the perimeter runs software from GFI which has three separate virus scanning engines. This coupled with application executable hash-based protection offered in BlackICE takes care of the rest of the problems at the desktop/server level. It's the price we pay for using MS software.

  10. Re:microsoft by Duhavid · · Score: 4, Funny

    Who cares which lib they used? glib, libc, etc, etc.

    --
    emt 377 emt 4
  11. Re:Hate to say it by the_womble · · Score: 4, Insightful
    What do you think is bad: Trashing the whole system, or trashing your ~ ? A system can be reinstalled, but most people dont back up their data.

    If we talking about trashing the system instead of trashing ~, you would be right in the case of a single user system.

    However, we are talking about trashing everything, against trashing just ~. Obviously just ~ is better.

    In the case of a multi-user system, trashing one users ~ is much better than trashing everything. Most home PCs are multi users. Office PCs are invariably single user, but they should get backed up.

    It is much easier to back up a single user's directory than an entire system.

    Finally, limited access to the system makes it harder for viruses to propagate. How is it going to run again after a log out? Most people do not regularly run executables from their own directories: the executables they do run will not be infected. Certainly something like bash_profile or an autostart directory, but cleaning these up should be trivial. Am I missing anything here?

  12. Re:Hello Symantec... by BCoates · · Score: 5, Insightful

    ... Symantec and McAffee to get their shit together and make an antivirus that doesn't suck.

    I'm not sure such a thing is even possible anymore. The usefulness of AV software has always been pretty questionable, and they never seem to have gotten over the threat model of months or years-old viruses being passed from floppy to floppy. Most threats are one-off now, like social engineering spam, one-day long trojan horse attacks, adware, and exploiting OS vulnerabilities to run spam zombies. As far as I can tell, my resource-hogging, system-destabilizing virus scanner does effectively nothing against any of those and there's no reason to believe it can be changed to do so.