Microsoft Fails AV-Test Certification

Status
Not open for further replies.

arsenaloyal

Level 3
Thread author
Verified
Aug 6, 2012
354
German antivirus lab AV-Test continually tests popular security suites against real world threats and reports the results every two months. For the most part, the researchers alternate between testing under Windows 7 and under Windows XP. The latest Windows 7 results show a significant drop in most scores. In particular, Microsoft failed to achieve certification.

More info here.

http://securitywatch.pcmag.com/none/305401-microsoft-fails-av-test-certification
 

Guest28

They are depending way too much on their browser for the detection. That is not good; not everyone uses IE. I've not seen Microsoft make any significant changes to MSE since v1.0. Microsoft needs to move the file reputation system from IE into MSE, then we might have something...
 

Littlebits

Retired Staff
May 3, 2011
3,893
Take a closer look at the testing results-

Code:
http://www.av-test.org/no_cache/en/tests/test-reports/?tx_avtestreports_pi1[report_no]=123698

Detection of widespread and prevalent malware (according to AV-TEST data) was 100% which is excellent.

Detection of a representative set of malware discovered in the last 2-3 months (AV-TEST reference set) was 90% which is also good.

Protection against 0-day malware attacks, inclusive of web and e-mail threats (Real-World Testing)-

Here is where the problem comes in: only 69% in Sept and 64% in Oct.
We all know that no AVs do very well detecting zero-day malware. Although other AVs did better on this set of samples, if it was an actual system exposed to these threats all AVs would have failed. For that reason I would say their testing is flawed.

Then AV-Test rates AVs on their Repair and Usability.

Rating AVs on their repair is stupid. If you ever had to repair a system you know what I mean: no real-time AVs will repair a system; you have to use a dedicated malware removal tool to do a full system cleanup.

The worst thing about AV-TEST is they use remote samples that have no reports of infections. There are malware samples that are available for download if you are looking for them. But the chance of a user actually getting exposed to them is next to zero. Microsoft is not concerned about these remote malware samples that most users will never be exposed to.

What is important is that MSE did score 100% on the widespread malware.
This is the malware that you will most likely be exposed to.

Enjoy!!:D
 

spywar

Level 11
Oct 26, 2012
1,011
Sorry but MANY MANY PCs that I disinfected were Microsoft Security Essentials protected PCs ...
I've seen some ESET, Kaspersky, or BitDefender but mainly MSE ...
People had a bad surfing p2p download but MSE did not protect them correctly.
 

Littlebits

Retired Staff
May 3, 2011
3,893
spywar said:
Sorry but MANY MANY PCs that I disinfected were Microsoft Security Essentials protected PCs ...
I've seen some ESET, Kaspersky, or BitDefender but mainly MSE ...
People had a bad surfing p2p download but MSE did not protect them correctly.

What I have found from removing infections from my customers' systems is the following:

1. The most severely infected systems were using a paid antivirus with an expired license.

2. I cannot come to any conclusions about whether product A, B or C, etc. had more infections than the others. Some products work better with some users than other products do. I have customers who use MSE that never get infections, while I have other customers that are a magnet for infections and therefore need a product with a little more power.

3. Troubled users will get infections no matter what kind of security setup they use. I can say, according to the results of my customers, that the user makes more of a difference than the product does when it comes to getting infections.

Most users don't even know anything about how to protect their systems and a lot of them just don't care, therefore don't keep anything updated and fail to buy a new license for paid security products. Since the most infected systems were using paid security products with expired licenses, MSE will make a difference for these kinds of users since it will be available on Windows Updates and is already included in Windows 8 as the new Windows Defender. Hopefully Windows Updates in the future will be able to tell if users have expired licenses for their security products and automatically install MSE.

Enjoy!!
 

Plexx

spywar said:
Sorry but MANY MANY PCs that I disinfected were Microsoft Security Essentials protected PCs ...
I've seen some ESET, Kaspersky, or BitDefender but mainly MSE ...
People had a bad surfing p2p download but MSE did not protect them correctly.

No solution will fully protect you based on browsing habits. I have seen PCs infected with KAV/NAV/BD/avast! for example.

Sure MSE doesn't pack a punch in zero day but that doesn't mean it is useless.


On a side note: Although rating an AV solution for removal capabilities is rather pointless up to a certain point, the AVs should have certain removal capabilities and it is known that ESET and avast! for example lack a bit in that department compared to Kaspersky for example.

There are shortcomings on every solution, whether it is removal capabilities, detection rate, lightness, scan speed, zero day components (lack of or questionable) etc.
 

3link9

Level 5
Verified
Oct 22, 2011
860
Littlebits said:
spywar said:
Sorry but MANY MANY PCs that I disinfected were Microsoft Security Essentials protected PCs ...
I've seen some ESET, Kaspersky, or BitDefender but mainly MSE ...
People had a bad surfing p2p download but MSE did not protect them correctly.

What I have found from removing infections from my customers' systems is the following:

1. The most severely infected systems were using a paid antivirus with an expired license.

2. I cannot come to any conclusions about whether product A, B or C, etc. had more infections than the others. Some products work better with some users than other products do. I have customers who use MSE that never get infections, while I have other customers that are a magnet for infections and therefore need a product with a little more power.

3. Troubled users will get infections no matter what kind of security setup they use. I can say, according to the results of my customers, that the user makes more of a difference than the product does when it comes to getting infections.

Most users don't even know anything about how to protect their systems and a lot of them just don't care, therefore don't keep anything updated and fail to buy a new license for paid security products. Since the most infected systems were using paid security products with expired licenses, MSE will make a difference for these kinds of users since it will be available on Windows Updates and is already included in Windows 8 as the new Windows Defender. Hopefully Windows Updates in the future will be able to tell if users have expired licenses for their security products and automatically install MSE.

Enjoy!!

Yeah, I can smell so many lawsuits from Security Companies for doing so.

MSE right now has poor detections with no prevention unless using IE.
It needs to have more signatures pumped out, better removal and repair, faster updates and scanning, and some new prevention features.
Every time Microsoft comes out with an update for MSE it's very small and doesn't change much.

I've seen way too many people with infected machines with MSE from personal view and people who visited this forum. The free AV market is so-so right now. As AVG is no longer considered light, Avast is having major tech issues, Avira is not like it used to be, Comodo is still great but still confusing for normal users, Zone-Alarm is Okay...

Face it, what Free AV can beat the likes of Bitdefender, Trend, Kaspersky, and Emsisoft on counts of protection right now?
A lot of normal users won't install more protection such as companions, sandboxes, etc.
 

Plexx

CIS with learning mode on D+ should allow new users to get used to it. But yes fully agree with the free av market issues. (note: incorrect info)

AVG is still light but not compared to version 2012. avast!, well personal experience, no comments. Avira 2013 is OK but for that I rather use Kingsoft with Avira Engine.

The need of companions is not really needed to the average user though.

Due to the deals across the globe and marketing for paid solutions, more and more users are actually paying for a security suite or AV solution. Bitdefender recent cheap sale, Kaspersky/Norton rather cheap sales, Emsisoft price etc. They are all part of the marketing and geographical location market to gain more users and to be honest, they are succeeding.

There are still many users trying avast! because it is free but then they leave due to issues (windows 8 machines and avast! have problems unless you patch avast and for that you require to visit the forums and how many average users do that?).
 

Deleted member 178

- Average computer users are not security-educated; it is a fact.
- Test labs are jokes (no one even me with risky habits encounters hundreds of malwares a day). No one should trust them.
- choosing an AV based on its detection or/and removal/repair abilities is foolish.

So after that, you may ask me:

1- what we do?
2- how to choose a security product?

my answer will be:

1- Don't open them the door (safe surfing, wise downloading)
2- Prevention & virtualization softs if available.

by following these 2 simple rules I never got infected.
 

HeffeD

Level 1
Feb 28, 2011
1,690
Biozfear said:
CIS with learning mode on D+ should allow new users to get used to it.

I completely disagree with this statement. Training Mode should only be used for very short durations, and only for those stubborn applications.

A new user turning on Training Mode and leaving it for a while so CIS can "learn" their system is a huge mistake. Training Mode will create "allow" rules for anything and everything. Including malware.

Whenever I see posts from users saying that they've been running Training Mode for a few days, I tell them to disable Training Mode, delete all of their rules, scan their system thoroughly for malware, and only use Training Mode with extreme caution.
 

Plexx

I had to resort to Training mode for Firefall since before on stock settings of D+, after the patcher finished the download, when it came to apply the patch it was over 10 entries of popups.

When I got CIS installed again after the avast failure, I used Training mode for such application only and then switched back to safe mode.

I can understand the potential danger for a new user and therefore I will edit the comment.

Thanks HeffeD.
 

Littlebits

Retired Staff
May 3, 2011
3,893
Umbra Corp. said:
- Average computer users are not security-educated; it is a fact.
- Test labs are jokes (no one even me with risky habits encounters hundreds of malwares a day). No one should trust them.
- choosing an AV based on its detection or/and removal/repair abilities is foolish.

So after that, you may ask me:

1- what we do?
2- how to choose a security product?

my answer will be:

1- Don't open them the door (safe surfing, wise downloading)
2- Prevention & virtualization softs if available.

by following these 2 simple rules I never got infected.

It is true all AV testing Labs are jokes- they usually use a small number of samples, samples not widely distributed in the wild and sometimes false positives. Most of the time they are founded by an antivirus vendor or vendors. Biggest founders include Symantec, BitDefender and Kaspersky. No wonder they always come out on top when they are the ones providing the money. AV testing Labs are controlled by money, they can manipulate the results to make their founders look much better than others. Don't believe them.

If just one infection gets past your AV, then it is a fail. So in other words all will fail to protect you alone, so why pay for a solution when it cannot be proven to protect you any better?

The majority of malware infections come from downloading files.
So besides virtualization, if you can just disable the ability of your browser to download files, it could make a big difference. Also create "Limited User Accounts" which will prevent the running of new files.

The bottom line is users who want to learn and care about system security can protect their system with about any AV (including MSE).

Enjoy!!:D
 

arsenaloyal

Level 3
Thread author
Verified
Aug 6, 2012
354
I don't know if it's Microsoft's ploy to promote Internet Explorer in some way, but as I said in an earlier post, if you just go by browser's detection then SmartScreen filter is by far the best on any browser on the market!
 

arsenaloyal

Level 3
Thread author
Verified
Aug 6, 2012
354
@ Littlebits, I think AV-Comparatives is the one that I look forward to the most because of its detailed tests on various aspects of AV and also wide number of malware samples, around 9 million I think.
 