Skip the navigation
News

Microsoft's OneCare improves antivirus test ranking

But top-dog NOD32 detects nearly five times more new threats than 14th-place OneCare

By Gregg Keizer
June 1, 2007 12:00 PM ET

Computerworld - Microsoft Corp.'s Windows Live OneCare climbed from March's dead last to 14th place in a test of 17 antivirus programs, an Austrian security researcher reported today.

Andreas Cleminti's AV Comparatives latest test pitted the top antivirus software against the 20,000-some threats that debuted during the last three months to measure how well each could finger unknown exploits. Cleminti stopped updating each product's virus database, or "signature," Feb. 2, but continued to probe their defenses with every newly discovered virus, malicious script, worm, Trojan, or backdoor until May 2.

"Even if most antivirus products provide daily or hourly [signature] updates, without heuristic/generic methods [of detection] there is always a time frame where the user is not protected," Cleminti said in the report issued today.

Cleminti tallied the number of threats each program detected without the benefit of new signatures, as well as totaled the "false positives," the term for when antivirus software flags an innocent, legitimate file, and timed how long it took the software to scan the test PC's hard drive.

Only one program, ESET LLC's NOD32 AntiVirus was pegged by Cleminti with the highest-possible "Advanced+" label. NOD32 correctly identified 68% of 20,522 new threats that appeared in the three months. Avira GmbH's AntiVir PE Premium and Fortinet Inc.'s FortiClient actually detected more threats -- each spotted 71% -- but high numbers of false positives downgraded the final ranking of both.

Behind NOD32 were AEC Ltd.'s TrustPort AV WS, which detected 58% of the malware, and BitDefender's same-named BitDefender Professional Plus, at 48%. GriSoft Inc.'s AVG Anti-Malware posted an 8% detection rate to rank last.

Microsoft's OneCare, which placed 17th out of 17 in March when Cleminti tested signature-updated software against nearly half a million pieces of malware, fared better this time. Although it detected only 18% of the new exploits, that was good enough for 14th place.

After Cleminti released the March report that said OneCare held last place, Microsoft conceded that their antivirus software's performance was "not stellar" and promised it would make changes to boost its rankings. Today, however, when asked what the company's anti-malware team thought of its slight climb from 14th to 17th, a spokeswoman e-mailed a stock statement that representatives had used before.

"We are looking closely at the methodology and results of the test to ensure that Windows Live OneCare performs better in future tests and determine whether any learnings from these tests can be used to improve our services," the spokeswoman said.

Symantec Corp.'s Norton AntiVirus, which detected 24% of the new threats, was the only product of the 17 tested that raised no false alarms. "Norton was again [for the third time] the only antivirus product in this test which had no false positives," the report said. "This is an indication of high quality assurance tests before the release of updates in order to avoid false positives."

The praise was poorly timed, as Symantec released a signature a week ago that mistook critical Windows files for a Trojan, and after falsely quarantining the files, crippled thousands, perhaps millions, of PCs in China.

Cleminti's report is available online (click on "Comparatives" in the nav bar, then report #14).

Read more about Security in Computerworld's Security Topic Center.



Additional Resources
Forrester Consulting - Optimizing Users and Applications in a Mobile World
WHITE PAPER
Solving application issues over the WAN requires careful consideration. Based on their independent research, Forrester Consulting offers recommendations on how to tackle application performance issues, insufficient bandwidth and the inability to quickly restore users in a disaster.

Read now.

Security KnowledgeVault
WHITE PAPER
Security is not an option. This KnowledgeVault Series offers professional advice how to be proactive in the fight against cybercrimes and multi-layered security threats; how to adopt a holistic approach to protecting and managing data; and how to hire a qualified security assessor. Make security your Number 1 priority.

Read now.

Cut Communications Costs Once and for All
WHITE PAPER
New IP-based communications systems are being deployed by small and midsized businesses at a rapid rate. Learn how these organizations are enabling faster responsiveness, creating better customer experiences, speeding office or mobile interactions, and dramatically reducing existing communications costs.

Read now.

Security White Papers
Overcome Top 7 Admin Challenges of Active Directory
As Active Directory's role in the enterprise has drastically increased, so has the need to secure the data. Gain insight on creating repeatable,...
Insiders Can Ruin Your Company. Take Action.
Did you know that 80 percent of threats to an organization come from the inside? The threat from insiders is often overlooked in...
Top Solutions and Tools to Prevent Devastating Malware
Custom malware frequently goes undetected. According to Forrester Research, the best way to reduce risk of breach is to deploy file integrity monitoring...
X-Ray of the PCI Process-4 Proactive Steps
This white paper from Forrester Research Inc., helps break PCI into understandable components. Security and risk professionals will gain knowledge and insight into...
Identity Governance: The Business Imperatives
This white paper describes the business challenges and opportunities that are driving interest in Identity Governance while discussing considerations your organization should make...
All Security White Papers
Security Webcasts
Live Webcast
Playing Defense: Staying on Top of Your Disaster Recovery Game
When it comes to disaster recovery, rapidly growing data volumes, distributed computing models, and new technologies all combine to present an ever-changing playing...
Introduction to VMware vCenter Site Recovery Manager 5
Traditional disaster recovery solutions are often too expensive, complex and unreliable to meet business requirements. As a result, IT departments are hesitant to...
The Top Ten Secrets to Avoiding SAN Performance Problems
Maintaining peak performance while simultaneously addressing the root cause of SAN errors is challenging. Learn the most common SAN problems and explore new...
Deduplication Without Compromise
Go inside Quantum's scalable, high-performance, multi-protocol new DXi deduplication appliances, designed to make backup much more effective. Discover how the new future-proof DXi6700...
Director of Disk Products Discusses DXi6700
Discover how the new DXi 6700 series of deduplication appliances provide investment protection and a future-proof feature set, all while delivering fast, scalable,...
Playing Defense: Staying on Top of Your Disaster Recovery Game
When it comes to disaster recovery, rapidly growing data volumes, distributed computing models, and new technologies all combine to present an ever-changing playing...
All Security Webcasts
Newsletter Sign-Up

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  1. View all newsletters | Privacy Policy
IT Jobs