Independent tester: Security Essentials 'very good'
Microsoft's free suite nails 98% of samples, says AV-Test.org; Symantec touts own test
Computerworld - Microsoft's free Security Essentials antivirus software identified 98% of over half a million malware samples, an accuracy rating an independent testing company called "very good" today.
Germany-based AV-Test.org tested Security Essentials, the free software Microsoft shipped Tuesday, on Windows XP Service Pack 3 (SP3), Vista SP2 and the final code of Windows 7, against two different collections of malware, said Andreas Marx, one of the firm's two managers.
The first test put Security Essentials in the ring against more than 3,700 viruses, Trojans and worms culled from the most recent WildList, a collection of threats actively attacking computers. "All samples were successfully detected and blocked during our on-demand and on-access tests," Marx said in an e-mail today.
The second test put Security Essentials up against a much larger set of malware. Of the 545,344 malware samples in that collection, Microsoft's software nailed 536,535, resulting in what Marx characterized as a "very good detection score" of 98.4%.
In a follow-up test of adware and spyware detection -- Security Essentials also includes anti-spyware scanning -- Microsoft's software spotted 12,935 out of 14,222 samples, for a 90.9% accuracy rate.
This is the second time that AV-Test.org has run Security Essentials through the mill; when Microsoft launched a limited preview in June, the group tested the beta. Then, the free software also breezed through the WildList, spotting every sample in the 3,200-plus set.
Security Essential's final version also successfully identified and deleted all 25 rootkits AV-Test.org threw against it, Marx said.
But there were some issues that Microsoft's program had trouble handling. Most security software now includes an ability to sniff out malware by the way it behaves, often by using heuristics-based scanners that don't rely on specific "fingerprint" signatures to match against a potential threat. Security Essentials lacks any such technology.
"We found no effective 'dynamic detection' features in place," Marx noted. "None of the samples were detected based on their suspicious behavior. However, other antivirus-only offerings don't include dynamic detection features, either. In most cases they are only available in the Internet security suite editions of the products."
Security Essentials was also unable to completely scrub a PC when it did detect malware. "In many cases, traces of infection were left behind," said Marx, ticking off several examples including empty "Run" entries in the Windows registry and modified "hosts" files. The program also failed to switch on the Windows firewall after a piece of malware had deliberately disabled it.
Not surprisingly, Symantec, which yesterday blasted Security Essentials as a "poor" product with "average detection rates," had a completely different testing take on the new rival.
Symantec's vice president of engineering, Jens Meggers, also disparaged the kind of testing that AV-Test.org and others conduct. "Things like the WildList don't show you the brand new stuff, the ones you need to detect on the first day they're out," Meggers told Computerworld on Tuesday.
According to tests commissioned by Symantec last month (PDF document), a not-quite-final version of Security Essentials did poorly when stacked against Norton AntiVirus 2009, the then-current version of Symantec's consumer antivirus program. In a test of 50 different Web-based threats hosted on malicious sites, Security Essentials detected or neutralized 37, while Norton identified 45.
Using a weighted scoring system, the U.K.-based lab that ran the tests for Symantec gave Security Essentials 44 points, and Norton 80 points.
In the blog post Tuesday that called Security Essentials a "rerun" of the now-defunct Windows Live OneCare, Symantec claimed victory. "The bottom line: Microsoft Security Essentials falls short of protecting against today's aggressive malware and zero-day threats," Symantec said.
However, Norton AntiVirus 2010 -- the current version of Symantec's program -- lists for $39.95, which is $39.95 more than the price tag on Security Essentials.
Security Essentials can be downloaded for Windows XP, Vista and Windows 7 from Microsoft's Web site. Users must confirm that they're running a legitimate copy of Microsoft's operating system before the security suite will install.
Microsoft Security Essentials
- 64-bit Windows safer, claims Microsoft
- Independent tester: Security Essentials 'very good'
- Microsoft blackballs pirates from getting free Security Essentials software
- Rivals mock Microsoft's free security software
- Microsoft confirms free security software ships Tuesday
- Microsoft to ship free security software soon
- Antivirus testing outfit: Microsoft Security Essentials makes the grade
- MS Security Essentials: Basic Protection
- First Look: Microsoft Security Essentials
- First Look: Microsoft Security Essentials beta offers free protection against malware
Read more about Endpoint Security in Computerworld's Endpoint Security Topic Center.
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- HP HAVEn: See the big picture in Big Data HP HAVEn is the industry's first comprehensive, scalable, open, and secure platform for Big Data. Enterprises are drowning in a sea of data...
- What Datapipe customers need to know about the new PCI DSS 3.0 compliance standard This handy quick reference outlines what PCI DSS 3.0 is, who needs to be compliant and how Alert Logic solutions address the new...
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Endpoint Security White Papers | Webcasts