Slashdot Mirror


Microsoft Security Essentials Loses AV-Test Certificate

helix2301 writes "Every two months, AV-Test takes a look at popular antivirus software and security suites and tests them in several ways. In their latest test which was performed on Windows 7 during September and October, Microsoft Security Essentials didn't pass the test to achieve certification. Although that may not sound that impressive, Microsoft's program was the only one which didn't receive AV-Test's certificate. For comparison, the other free antivirus software, including Avast, AVG and Panda Cloud did."

31 of 185 comments

  1. No wonder it's so fast! by Anonymous Coward · · Score: 3, Funny

    NOP

  2. Now for the rest of them... by multiben · · Score: 5, Interesting

    Seriously. Most anti-virus software is worse than getting a virus.

    1. Re:Now for the rest of them... by Anonymous Coward · · Score: 5, Informative

      What is strange is MSE is the only one of those products listed I have ever seen effectively block any malware.

    2. Re:Now for the rest of them... by Anonymous Coward · · Score: 5, Insightful

      Last time I saw a test like this it was from a Symantec paid shill. Don't expect this to be any different.

      Probably Microsoft doesn't pay AV-Test

    3. Re:Now for the rest of them... by Voyager529 · · Score: 5, Interesting

      I know, it's anonymous coward and all...but I had an interesting issue along this vein...

      Two weeks ago, a client called us saying she got some FBI scareware that also tapped into her webcam. I went to investigate. No FBI scareware when I tried it, but I did see security essentials find stuff, and take some time to remove each item...during which it invariably found more.

      So, I tried the usual tools - Fixboot/Fixmbr, Combofix, TDSSKiller, ADWMBR, Malwarebytes, and my trusty ESET NOD32 recovery disc. None of that seemed to stop it. So I tried a repair XP install. I learned that the 'repair' install doesn't do nearly as much as I'd like it to, but whatevs, it was gone. ESET said it was clean, TDSSKiller said it was clean, Combofix said it was clean, and MBAM said it was clean. Security Essentials wouldn't shut up.

      I googled a bit and found out that this client had caught one of the strains from the xpaj family. It does EVERYTHING - MBR rewrite, device driver, etc. Seriously among the nastiest virus infections I've ever come across. Further googling revealed that Kaspersky had an explicitly dedicated removal tool just for xpaj. It took about half an hour to run, and found literally thousands of files infected with it. It must have been file headers or something because they were all ultimately cleaned...but this thing fooled EVERYONE but Security Essentials.

      Now granted MSE didn't completely take care of the issue, and clearly it also didn't stop it from running amuck...but it did find something nothing else I tried did...so I'm not thoroughly convinced that writing it off wholesale isn't entirely warranted either.

    4. Re:Now for the rest of them... by fast+turtle · · Score: 3, Informative

      If it's a bad trojan/virus, MSE works quite well in getting rid of it. Keep in mind that MSE is basically Windows Defender on Steroids so it works quite well for some things.

      I've been using it on a Win7-64 install for the last 2 years and it's been pretty damn decent as it simply stays out of the way. If I'm going to visit a dodgy place online, I'll use Palemoon (based on Firefox) with NoScript. Pretty effective in blocking crap I don't want while allowing me to at least get an idea if I want to finish loading a site.

      --
      Mod me up/Mod me down: I wont frown as I've no crown
    5. Re:Now for the rest of them... by chrish · · Score: 3, Informative

      The fact that they rated Sophos so highly, when it opens up a huge exciting new attack surface for you sort of suggests this "certification" is fairly pointless.

      --
      - chrish
  3. Re:This is a surprise? by MightyYar · · Score: 3, Interesting

    "Trust"? I don't know about that. But I at least thought it would satisfy the minimal needs I have for such a product. I'd been using AVG for years under XP - maybe I'll install that again.

    --
    W..w..W - Willy Waterloo washes Warren Wiggins who is washing Waldo Woo.
  4. Re:Sadly AVG is shit by crafty.munchkin · · Score: 3, Interesting

    Seems pretty good to me, and doesn't bug you to buy the full version like AVG does.

    --
    ... wait, what?
  5. Re:This is a surprise? by stewartjm · · Score: 4, Insightful

    Even the best AV is barely more than snake oil. The primary purpose of running AV software, at least in a business setting, is to have a ready made scapegoat for when security is breached.

  6. Re:Shocking by war4peace · · Score: 3, Insightful

    I have Avast, which scored way better and guess what... It's free as well. Go figure...
    Oh and to your analogy, it's like comparing Paint with Gimp.

    --
    ...gis sdrawkcab (usually not responding to ACs; don't bother posting as AC)
  7. Re:Shocking by ilguido · · Score: 3, Insightful

    Ahem: "For comparison, the other free antivirus software, including Avast, AVG and Panda Cloud did". You know, there is not just the title.

  8. Zero Day Whoop de Do by olsonish · · Score: 4, Insightful

    I can't even remember the last time I got a virus within 24 hours of it being revealed as existing. Once upon a time I recall seeing a Monkey A virus back in the 90's. If I recall, AV software wasn't even what revealed it, it was something I found on my own trying to fix someone else's busted box. I'll be keeping MSE installed. I've found many of the free AV programs to be cumbersome and slow, and quite frankly annoying about 'protecting my system' and 'staying updated'. Stay out of shady places and avoid file sharing except when necessary and it won't be a problem. Kind of like not raw dogging dirty hookers freely, common sense behavior if you don't want to catch the Cannasyphiliaids virus.

  9. Re:This is a surprise? by Billly+Gates · · Score: 3, Interesting

    Try Avast? It is much lighter and is free with registration. I like the gaming mode where it shuts up and doesn't bug and that is a plus. I quit using MSE over a year ago after it showed disappointing results.

  10. Missing Piece from Test by Eskarel · · Score: 5, Insightful

    The main reason I use MSE is that it does an adequate job and unlike every one of the competitors free or otherwise, installing it isn't worse than getting infected with Malware. Last time I used either AVG or Avast it was like infecting my PC on purpose. I'll pass up some protection against zero days(which is spotty at best anyway) in exchange for not installing crap.

  11. Usability: Vipre? by whoever57 · · Score: 3, Insightful

    We have a number of PCs from one manufacturer on which Vipre cannot update itself. This has happened with more than one release. It is necessary to not only uninstall, but do a clean-up after uninstalling and then re-install the new version. After doing this on one machine, and then having a later release also fail to install, I won't bother with Vipre again.

    On that basis, Vipre should lose points for usability.

    Oh, and it also asks unprivileged (non-administrator) users to run the update. What's the point in that?

    --
    The real "Libtards" are the Libertarians!
  12. Adblockers are more effective. by Ectospheno · · Score: 3, Informative

    A good ad blocker in your browser will be more effective in the long run than any AV software you install. Couple that with the common sense to not download and run every piece of crap you see on the internet and your computer will be fine. Every instance of an infection I've seen involved the person breaking one of those two simple rules.

  13. Re:This is a surprise? by mister_playboy · · Score: 5, Insightful

    By running Windows, you are already placing trust in Microsoft. Using MSE seems like an entirely logical extension of that.

    That is to say, why bother yourself about one program from MS when you are using an entire OS made by them?

    --
    Do what thou wilt shall be the whole of the Law ::: Love is the law, love under will
  14. Re:This is a surprise? by stewartjm · · Score: 5, Insightful

    RL Vaccinations are an example of human intelligence triumphing over at least semi-stupid self replicating DNA chunks.

    AV software is developed by humans trying to stop other humans, a much much more intractable problem, especially when the Virus developers always have the first move. The Virus developers can trivially test their software against the AV, with almost no effort. The AV developers have to expend tremendous effort to even try to catalog the threats, let alone combat them.

    Most likely the very fact that Security Essentials is faring so badly, is due to the fact that the Virus writers are being especially sure to find ways around it before launching new malware.

  15. Re:Defective product. by hairyfeet · · Score: 4, Informative

    This is not surprising to me, and why I've always said the MSE is only for geeks that aren't going anywhere dodgy and thus at little risk to start with. For normal folks there is Avast Free and Comodo Internet Security. Avast is good, but a little chatty but some people like chatty, and Comodo is good and pretty customizable but has a bit of a learning curve since it has sandboxing but if you stick with the defaults other than the occasional sandbox question it works good without getting in your way.

    But I have taken machines I've got to wipe and refurb anyway at the shop and thrown different AVs on them and went to the kinds of sites I've seen the most bugs from, usually the "look at teh tittez" dodgy clip porn sites like redtube and the usual toplists and MSE was the ONLY one that never stopped a page loading, even ones that were obviously filled with malware, the rest would at least block most and keep the embedded malware scripts from running but not MSE, MSE seems to be more of a "scan a downloaded file" kind of protection rather than any good for dealing with modern nasties.

    Oh and for those that need to clean up an infected box? May I suggest Comodo Cleaning Essentials as it's a great tool to have to clean up an already nasty PC. You can run it from a flash or CD, no need to install, and it's damned good at getting the nasties out. As you can see it got 4 and a half stars and is free, so if you have to clean up any infected machines it's best to have both the 32bit and 64bit on a keyring ready to go.

    --
    ACs don't waste your time replying, your posts are never seen by me.
  16. Re:Defective product. by InfoJunkie777 · · Score: 4, Informative

    I would agree that 3/4 of AV success is avoiding "dodgy" sites. However, I have never had any problems with malware on any porn site. The sites I have had problems with malware on were like pics of celebrities on Google Images, and you get a redirect to a malware driveby site, or, you click on an ad that promises things free that should not be ... that kind of thing. I used to use AVG 2012, but when it went to 2013 it refused to activate, so I switched to Avast, and have not looked back. Higher rated and better protection.

    --
    Don't explain computers to laymen. Simpler to explain sex to a virgin. -- Robert A. Heinlein
  17. Re:This is a surprise? by phrackthat · · Score: 5, Interesting

    I stopped using AVG when they changed their license terms to unilaterally audit the location where the software is being used and gave themselves the right to unilaterally share my information with whomever they choose. - no thanks. See sections 9b and 12 of their license: - http://www.avg.com/us-en/eula-avg-2013-all-1-0

  18. Re:Defective product. by Billly+Gates · · Score: 3, Interesting

    There was a scandal last year when OBL was killed and hackers found a way to infect your system just by doing a search for OBL dead pics. You did not even have to click on anything. The code ran through Google redirected through clever javascript hacks. So if your daughter does a search for puppy pictures she is instantly infected!

    I am surprised it was mentioned only mildly on slashdot as it took a few weeks to fix this and infected tens to hundreds of millions of pcs.

  19. Re:Shocking by girlintraining · · Score: 4, Insightful

    Free AV software included with operating system scores significantly lower than competitor products that cost money. Shocking!

    I remember back in the day, Netscape ruled the web, and internet explorer was a piece of crap that, while bundled with the operating system, nobody ever used. I remember when Microsoft first released mplayer, its first video player; Which looked sad and pathetic next to QuickTime. I remember how under Windows NT, the only method of defragmenting the filesystem was to reformat and start over, unless you bought Norton. I remember when Word Perfect was the only word processor anyone in the industry would recommend for professionals, and Microsoft Office was little more than notepad with a bag on the side. And I remember the first software firewalls by ZoneAlarm and others, compared to the pathetic XP firewall.

    Yes, I'm probably older than you. Yes, you can laugh: But I have a lot of memory to draw on, and all you have is sarcasm. In every case, Microsoft steadily improved their own offerings, and the market for those products imploded. Today, anti-virus built-in to windows sucks but if history is anything to judge by, it won't stay that way for long. Now get the f*ck off my lawn, and take your iPhones with you. Some of us work for a living.

    --
    #fuckbeta #iamslashdot #dicemustdie
  20. Re:Defective product. by Nostromo21 · · Score: 3, Insightful

    It is refreshing to have a mature comment/conversation about surfing internet porn. Shame I have no mod points right now ;).

    P2P torrent/ed2k porn is pretty safe too if you stick to avis/mpegs or other non-code-executable video files.

    I used AVG2012 as well until the license died, then switched to Avast on my XP box, but left the Win7 box & laptops on MSE/Win7 F/W *shudder*.
    Ok, it's not that bad, but I would really like a decent FREE AV/FW product that doesn't require a whole lotta attention, IYKWIM. AVG was ok until about 2 versions ago when they turned it into corpobloat & I left my old company that I got the licenses from in any case. We use F-Secure here, which I have no idea if it's good, bad or indifferent.

    Is this MSE story just FUD, or is there really a compelling reason to abandon it on inet/download heavy Win PCs...?

  21. It also depends on how you want to do things by Sycraft-fu · · Score: 4, Interesting

    One problem with AV is that as detection rate rises, so does false positive rate. So far, nobody has found a way around this. So some products go for heavy detection, Bitdefender being a good example. Fair enough, but it comes at the cost of more false positives (and it still isn't a 100% detection rate).

    MS goes the other way. They go for low false positives, and in the last AV-Comparatives test they had 0, but at a lower detection rate.

    Why? Well because they are going for the mass market, the people who didn't want virus scanners. If the thing bothers them all the time with false positives, they'll turn it off, and then they have 0% detection. So instead they go for a lower detection rate, but with low false positives so people get some protection.

    I'm not calling it the right answer, but you can see the logic.

    And for that matter, I've found that in the real world, MSE seems to do better than Sophos, which is decidedly not free and very popular in enterprise.

  22. Idiotically ineffective rating system by slashmydots · · Score: 5, Informative

    I'll save you the trouble reading. They're idiots. The winner out of all of them was bitdefender? That slows down your system like a damn boat anchor. I've had customers bring in a computer to my shop claiming it had a horrible problem and the only problem was that it had bitdefender. As soon as it was gone, responsive times dropped 10x lower. It's unbelievable how bad that product is. For them to not consider system performance in any way means they obviously have no idea what they're doing. The same goes for Kaspersky. Their new 2013 version is a nightmare for system performance. Norton Internet Security was third so yep, that's how responsible THESE idiots are.

  23. Re:Defective product. by norpy · · Score: 3, Funny

    However, if an AV can bring the OS to its knees something is wrong.

    You have obviously never installed McAfee before

  24. Not really by Sycraft-fu · · Score: 3, Insightful

    This isn't a very worthwhile mass market test. 0-day detection is an interesting stat, and not worthless, as is proactive testing (AV-Comparatives does that, takes a 6 month old AV scanner and sees how it does against current threats) but it isn't really a concern for most people. Computer viruses spread, well, like viruses. Not a lot of people get exposed on day 0. So as long as your virus scanner is updated reasonably frequently, it does a reasonably good job with threats you are actually likely to face.

  25. Re:Defective product. by tbannist · · Score: 3, Insightful

    I hadn't heard of that, and when I looked into it, the truth appeared to be different from what you claimed. It looks like you had to click on the picture, and then click to download and then install the malware. One of the sites had malware pretending to be a VLC update, the others were peddling fake anti-virus software.

    Then again considering the source... Bill Gates lying about Google? Why am I not surprised?

    --
    Fanatically anti-fanatical
  26. Re:Defective product. by tehcyder · · Score: 3, Informative

    Then again considering the source... Bill Gates lying about Google? Why am I not surprised?

    There is just an outside chance that the slashdot user "Billly Gates" isn't, in fact, the multi-billionaire former CEO of Microsoft.

    --
    To have a right to do a thing is not at all the same as to be right in doing it