Microsoft vows to improve security tools after failed evaluation
AV-Test.org failed two Microsoft products in another round of security software testing
IDG News Service - Microsoft vowed on Wednesday to improve two of its security products after both failed to pass an evaluation by a Germany security software testing organization.
The company's Security Essentials and Forefront Endpoint Protection failed to earn a "certified" status in a latest round of testing by AV-Test to see how effective the products are against malicious software.
AV-Test, which conducts tests every two months at its laboratories in Magdeburg and Leipzig, also failed PC Tools' Internet Security 2012 and AhnLab's V3 Internet Security 8.0. In October, AV-Test failed to give Microsoft certified status for its Security Essentials versions 4.0 and 4.1.
Security software companies have often contested the conditions under which their products are examined by testing organizations following a poor rating, frequently arguing that testing parameters are flawed.
Joe Blackbird, a program manager in Microsoft's Malware Protection Center, softly contested AV-Test's methodology, which involves running the software security against a range of malware.
Blackbird wrote that Microsoft prioritizes how it provides protection based on the prevalence of threats. Many of the malware samples that AV-Test used were never encountered by millions of Microsoft systems, he wrote on a company blog.
In one example, Microsoft detected only 72 pieces of malware out of a sample of 100 pieces of zero-day malware, or attack code for which a detection signature has not been created yet.
But "we know from telemetry from hundreds of millions of systems around the world that 99.997% of our customers hit with any zero-day did not encounter the malware samples tested in this test," Blackbird wrote.
Microsoft did not detect about 9% of 216,000 pieces of "recent" malware in the AV-Test evaluation. But Blackbird wrote that 94% of missed samples were never encountered by the company's customers.
"When we explicitly looked for these files, we could not find them on our customers' machines," according to Blackbird.
Microsoft calculated that .0033% of its customers were impacted by malware that the company did not detect. But Blackbird noted that Microsoft had since added detection for some of those threats. Nonetheless, "we're committed to reducing our 0.0033% margin to zero," Blackbird wrote.
In December, Blackbird wrote that Microsoft processed 20 million new potentially malicious files. The company prioritizes how it blocks those threats, and added protection for four million of those.
"Those 4 million files could have been customer-impacting if we had not prioritized them appropriately," Blackbird wrote.
Send news tips and comments to email@example.com. Follow me on Twitter: @jeremy_kirk
- Capabilities You Need in an IP Address Management Solution A mismanaged IP space can cripple an otherwise healthy network. Take a moment to understand what you need in an enterprise-ready IPAM solution.
- IPv6 Fundamentals IPv6 is needed to sustain the growth of the Internet. The transition from IPv4 will require planning and likely some degree of support...
- Fixing Intermittent Performance Problems Intermittent performance problems are among the most frustrating and time-consuming issues IT administrators face. Read this white paper and learn how technology advances...
- 3G/4G Digital Signage Guide Today, the widespread availability of 3G and 4G cellular or wireless broadband networks enables digital signage to be deployed virtually anywhere.
- Live Webcast 5 Steps to Assuring Quality of Experience In order to align monitoring and management practices with the true demands of the business, IT professionals must expand beyond traditional comfort zones...
- Live Webcast Master the Changing SAP Landscape with Performance Management SAP landscapes are not getting simpler. Gradually, business processes that used to be contained on a single SAP system now involve a range...
- Navigating the New Wireless Landscape Thriving in the new wireless landscape View Now>>
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Networking White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!