Slashdot Mirror


Microsoft Security Essentials Loses AV-Test Certificate

helix2301 writes "Every two months, AV-Test takes a look at popular antivirus software and security suites and tests them in several ways. In their latest test which was performed on Windows 7 during September and October, Microsoft Security Essentials didn't pass the test to achieve certification. Although that may not sound that impressive, Microsoft's program was the only one which didn't receive AV-Test's certificate. For comparison, the other free antivirus software, including Avast, AVG and Panda Cloud did."

15 of 185 comments

  1. Now for the rest of them... by multiben · · Score: 5, Interesting

    Seriously. Most anti-virus software is worse than getting a virus.

    1. Re:Now for the rest of them... by Anonymous Coward · · Score: 5, Informative

      What is strange is MSE is the only one of those products listed I have ever seen effectively block any malware.

    2. Re:Now for the rest of them... by Anonymous Coward · · Score: 5, Insightful

      Last time I saw a test like this it was from a Symantec paid shill. Don't expect this to be any different.

      Probably Microsoft doesn't pay AV-Test

    3. Re:Now for the rest of them... by Voyager529 · · Score: 5, Interesting

      I know, it's anonymous coward and all...but I had an interesting issue along this vein...

      Two weeks ago, a client called us saying she got some FBI scareware that also tapped into her webcam. I went to investigate. No FBI scareware when I tried it, but I did see security essentials find stuff, and take some time to remove each item...during which it invariably found more.

      So, I tried the usual tools - Fixboot/Fixmbr, Combofix, TDSSKiller, ADWMBR, Malwarebytes, and my trusty ESET NOD32 recovery disc. None of that seemed to stop it. So I tried a repair XP install. I learned that the 'repair' install doesn't do nearly as much as I'd like it to, but whatevs, it was gone. ESET said it was clean, TDSSKiller said it was clean, Combofix said it was clean, and MBAM said it was clean. Security Essentials wouldn't shut up.

      I googled a bit and found out that this client had caught one of the strains from the xpaj family. It does EVERYTHING - MBR rewrite, device driver, etc. Seriously among the nastiest virus infections I've ever come across. Further googling revealed that Kaspersky had an explicitly dedicated removal tool just for xpaj. It took about half an hour to run, and found literally thousands of files infected with it. It must have been file headers or something because they were all ultimately cleaned...but this thing fooled EVERYONE but Security Essentials.

      Now granted MSE didn't completely take care of the issue, and clearly it also didn't stop it from running amuck...but it did find something nothing else I tried did...so I'm not thoroughly convinced that writing it off wholesale isn't entirely warranted either.

  2. Re:This is a surprise? by stewartjm · · Score: 4, Insightful

    Even the best AV is barely more than snake oil. The primary purpose of running AV software, at least in a business setting, is to have a ready made scapegoat for when security is breached.

  3. Zero Day Whoop de Do by olsonish · · Score: 4, Insightful

    I can't even remember the last time I got a virus within 24 hours of it being revealed as existing. Once upon a time I recall seeing a Monkey A virus back in the 90's. If I recall, AV software wasn't even what revealed it, it was something I found on my own trying to fix someone else's busted box. I'll be keeping MSE installed. I've found many of the free AV programs to be cumbersome and slow, and quite frankly annoying about 'protecting my system' and 'staying updated'. Stay out of shady places and avoid file sharing except when necessary and it won't be a problem. Kind of like not raw dogging dirty hookers freely, common sense behavior if you don't want to catch the Cannasyphiliaids virus.

  4. Missing Piece from Test by Eskarel · · Score: 5, Insightful

    The main reason I use MSE is that it does an adequate job and unlike every one of the competitors free or otherwise, installing it isn't worse than getting infected with Malware. Last time I used either AVG or Avast it was like infecting my PC on purpose. I'll pass up some protection against zero days(which is spotty at best anyway) in exchange for not installing crap.

  5. Re:This is a surprise? by mister_playboy · · Score: 5, Insightful

    By running Windows, you are already placing trust in Microsoft. Using MSE seems like an entirely logical extension of that.

    That is to say, why bother yourself about one program from MS when you are using an entire OS made by them?

    --
    Do what thou wilt shall be the whole of the Law ::: Love is the law, love under will
  6. Re:This is a surprise? by stewartjm · · Score: 5, Insightful

    RL Vaccinations are an example of human intelligence triumphing over at least semi-stupid self replicating DNA chunks.

    AV software is developed by humans trying to stop other humans, a much much more intractable problem, especially when the Virus developers always have the first move. The Virus developers can trivially test their software against the AV, with almost no effort. The AV developers have to expend tremendous effort to even try to catalog the threats, let alone combat them.

    Most likely the very fact that Security Essentials is faring so badly, is due to the fact that the Virus writers are being especially sure to find ways around it before launching new malware.

  7. Re:Defective product. by hairyfeet · · Score: 4, Informative

    This is not surprising to me, and why I've always said the MSE is only for geeks that aren't going anywhere dodgy and thus at little risk to start with. For normal folks there is Avast Free and Comodo Internet Security. Avast is good, but a little chatty but some people like chatty, and Comodo is good and pretty customizable but has a bit of a learning curve since it has sandboxing but if you stick with the defaults other than the occasional sandbox question it works good without getting in your way.

    But I have taken machines I've got to wipe and refurb anyway at the shop and thrown different AVs on them and went to the kinds of sites I've seen the most bugs from, usually the "look at teh tittez" dodgy clip porn sites like redtube and the usual toplists and MSE was the ONLY one that never stopped a page loading, even ones that were obviously filled with malware, the rest would at least block most and keep the embedded malware scripts from running but not MSE, MSE seems to be more of a "scan a downloaded file" kind of protection rather than any good for dealing with modern nasties.

    Oh and for those that need to clean up an infected box? May I suggest Comodo Cleaning Essentials as it's a great tool to have to clean up an already nasty PC. You can run it from a flash or CD, no need to install, and it's damned good at getting the nasties out. As you can see it got 4 and a half stars and is free, so if you have to clean up any infected machines it's best to have both the 32bit and 64bit on a keyring ready to go.

    --
    ACs don't waste your time replying, your posts are never seen by me.
  8. Re:Defective product. by InfoJunkie777 · · Score: 4, Informative

    I would agree that 3/4 of AV success is avoiding "dodgy" sites. However, I have never had any problems with malware on any porn site. The sites I have had problems with malware on were like pics of celebrities on Google Images, and you get a redirect to a malware driveby site, or, you click on an ad that promises things free that should not be ... that kind of thing. I used to use AVG 2012, but when it went to 2013 it refused to activate, so I switched to Avast, and have not looked back. Higher rated and better protection.

    --
    Don't explain computers to laymen. Simpler to explain sex to a virgin. -- Robert A. Heinlein
  9. Re:This is a surprise? by phrackthat · · Score: 5, Interesting

    I stopped using AVG when they changed their license terms to unilaterally audit the location where the software is being used and gave themselves the right to unilaterally share my information with whomever they choose. - no thanks. See sections 9b and 12 of their license: - http://www.avg.com/us-en/eula-avg-2013-all-1-0

  10. Re:Shocking by girlintraining · · Score: 4, Insightful

    Free AV software included with operating system scores significantly lower than competitor products that cost money. Shocking!

    I remember back in the day, Netscape ruled the web, and Internet Explorer was a piece of crap that, while bundled with the operating system, nobody ever used. I remember when Microsoft first released mplayer, its first video player, which looked sad and pathetic next to QuickTime. I remember how under Windows NT, the only method of defragmenting the filesystem was to reformat and start over, unless you bought Norton. I remember when Word Perfect was the only word processor anyone in the industry would recommend for professionals, and Microsoft Office was little more than notepad with a bag on the side. And I remember the first software firewalls by ZoneAlarm and others, compared to the pathetic XP firewall.

    Yes, I'm probably older than you. Yes, you can laugh: But I have a lot of memory to draw on, and all you have is sarcasm. In every case, Microsoft steadily improved their own offerings, and the market for those products imploded. Today, anti-virus built in to Windows sucks but if history is anything to judge by, it won't stay that way for long. Now get the f*ck off my lawn, and take your iPhones with you. Some of us work for a living.

    --
    #fuckbeta #iamslashdot #dicemustdie
  11. It also depends on how you want to do things by Sycraft-fu · · Score: 4, Interesting

    One problem with AV is that as detection rate rises, so does false positive rate. So far, nobody has found a way around this. So some products go for heavy detection, Bitdefender being a good example. Fair enough, but it comes at the cost of more false positives (and it still isn't a 100% detection rate).

    MS goes the other way. They go for low false positives, and in the last AV Comparatives test they had 0, but at a lower detection rate.

    Why? Well because they are going for the mass market, the people who didn't want virus scanners. If the thing bothers them all the time with false positives, they'll turn it off, and then they have 0% detection. So instead they go for a lower detection rate, but with low false positives so people get some protection.

    I'm not calling it the right answer, but you can see the logic.

    And for that matter, I've found that in the real world, MSE seems to do better than Sophos, which is decidedly not free and very popular in enterprise.

  12. Idiotically ineffective rating system by slashmydots · · Score: 5, Informative

    I'll save you the trouble reading. They're idiots. The winner out of all of them was bitdefender? That slows down your system like a damn boat anchor. I've had customers bring in a computer to my shop claiming it had a horrible problem and the only problem was that it had bitdefender. As soon as it was gone, responsive times dropped 10x lower. It's unbelievable how bad that product is. For them to not consider system performance in any way means they obviously have no idea what they're doing. The same goes for Kaspersky. Their new 2013 version is a nightmare for system performance. Norton Internet Security was third so yep, that's how responsible THESE idiots are.