Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Security Essentials Misses 39% of Malware

Posted by timothy on from the talked-harshly-with-the-other-61-percent dept.

Barence writes "The latest tests from Dennis Publishing's security labs saw Microsoft Security Essentials fail to detect 39% of the real-world malware thrown at it. Dennis Technology Labs (DTL) tested nine home security products on a Windows 7 PC, including Security Essentials, which is distributed free to Windows users and built into Windows 8 in the form of Windows Defender. While the other eight packages all achieved protection scores of 87% or higher — with five scoring 98% or 99% — Microsoft's free antivirus software protected against only 61% of the malware samples used in the test. Microsoft conceded last year that its security software was intended to offer only "baseline" performance"."

5 of 149 comments (clear)

  1. Actual Reports by mythosaz · · Score: 5, Informative

    http://dennistechnologylabs.com/reports/s/a-m/2013/DTL_2013_Q4_Home.1.pdf

    1. Re:Actual Reports by hairyfeet · · Score: 4, Informative

      I have an even better question....how much of the stuff did he just ignore what MSE told him and kept on installing? How much was an actual failure, IE a drive by or zero warning from MSE, and how much was deliberate PEBKAC?

      As a PC builder and repairman I have more exp than most when it comes to bugs and AVs (disclosure, I give customers Comodo or Avira, depending on how big PEBKAC they are) and I use MSE on my gaming system and here is the thing...while MSE will TELL you, it won't yank the keyboard out of your hand and slap your wrists. You can say "I choose to ignore this" and click a single button and bypass the block. Now some AVs very much WILL yank the keyboard from you, in fact I recently stopped giving out Avast because it had gotten SO aggressive that even if you told it that it was a false positive and to let it run? it would just straight up ignore you.

      But here is the two things you must keep in mind if you choose to run MSE, 1.- It don't do shit as far as webpages, in fact I don't think I have ever seen MSE block single webpage no matter what was on it, so using a browser that runs in low rights mode is a must, and 2.- It was originally Giant AntiSpy and so that is what it works best on, its not really any good at blocking the social engineering based attacks we see a lot today, the "Hey its your BFF (insert name) on (insert chat client) and I found this great page, just click here!" where the person is then led to a page full of zero days type of attack.

      That said frankly you shouldn't be giving MSE to your clueless types anyway, that is what a sandboxing AV like Comodo or one that holds their hand like Avira is best at, what MSE is for is for your non clueless who aren't gonna be doing PEBKAC shit and just want a lightweight AV to scan executables and add another layer to their defenses. It was never designed to be the end all be all, you got half a dozen free AVs that do that particular job VERY well, but all of them do HELL of a lot more scanning and thus take up more cycles, and when I'm gaming or editing audio/video? I NEED those cycles, thanks anyway.

      My Win 7 system has been running ME since RTM in Oct 09 and its clean as a whistle, then again I run a low rights browser with ABP (a good 85% of bugs IME come from infected ads), don't run strange executables and don't click on email links either. If you are smart enough to show common sense on the web? MSE is fine. if not? Comodo, Avira, Avast, you have choices.

      --
      ACs don't waste your time replying, your posts are never seen by me.
  2. Re:They'd get convicted again by chuckugly · · Score: 4, Informative

    It used to be pretty decent, at one point MS was trying to recruit me to work on that since I had a lot of AV development experience; I eventually declined and fed them a few resumes who they did hire, but to get to the point, they have done this in the past at least once before. Maintaining AV is an ongoing and expensive endeavor, and MS just doesn't seem to learn that lesson. It's not something they can develop and then tweak for year after year, they need to have developers and AV researchers on it 24/7, every week of the year. That's not cheap and apparently not their model.

  3. Re:Bullshit February 2013 DennisTech by retroworks · · Score: 5, Informative

    http://www.geek.com/microsoft/microsoft-security-essentials-strikes-out-on-questionable-av-test-1538990/ Geek.com outed this testing firm last Friday for A) running MSE without applied windows updates, and B) accepting sponsorship from tested softwares.

    --
    Gently reply
  4. Re:Bullshit by Anonymous Coward · · Score: 2, Informative

    You've obviously not used Norton in the recent years have you.
    I swear you nerds are stuck with obsolete knowledge and refuse to accept that things change.

    Microsoft Security Essentials was one of the best when it first came out and is now of the worst. Things go both ways.