IT Jobs
Microsoft no longer worst at anti-virus
OneCare can detect 18 percent of unknown threats.
By Gregg Keizer, Computerworld | Computerworld UK
Published: 06:00 GMT, 04 June 07
Microsoft's Windows Live OneCare climbed from March's dead last to 14th place in a test of 17 anti-virus programs, according to a researcher.
Andreas Cleminti's latest AV Comparatives test pitted the top anti-virus software against the 20,000-odd threats that appeared during the last three months to measure how well each could finger unknown exploits. Cleminti stopped updating each product's virus signatures in February, but continued to probe their defences with every newly discovered virus, malicious script, worm, Trojan, or back-door until 2 May.
"Even if most anti-virus products provide daily or hourly [signature] updates, without heuristic/generic methods [of detection] there is always a time frame where the user is not protected," Cleminti said in the report.
Cleminti tallied the number of threats each program detected without the new signatures, as well as totalled the false positives, and timed how long it took the software to scan the test PC's hard drive.
Only one program, ESET's NOD32 AntiVirus was pegged by Cleminti with the highest-possible "Advanced+" label. NOD32 correctly identified 68 percent of 20,522 new threats that appeared in the three months. Avira's AntiVir PE Premium and Fortinet's FortiClient actually detected more threats - each spotted 71 percent - but higher false positives downgraded the final ranking of both.
Behind NOD32 were AEC's TrustPort AV WS, which detected 58 percent of the malware, and BitDefender Professional Plus, at 48 percent. GriSoft's AVG Anti-Malware posted an 8 percent detection rate to rank last.
Microsoft's OneCare, which placed 17th out of 17 in March when Cleminti tested signature-updated software against nearly half a million pieces of malware, fared better this time. Although it detected only 18 percent of the new exploits, that was good enough for 14th place.
After Cleminti released the March report that said OneCare held last place, Microsoft conceded that their antivirus software's performance was "not stellar" and promised it would make changes to boost its rankings. Today, however, when asked what the company's anti-malware team thought of its slight climb from 14th to 17th, a spokeswoman emailed a stock statement that representatives had used before.
"We are looking closely at the methodology and results of the test to ensure that Windows Live OneCare performs better in future tests and determine whether any learnings from these tests can be used to improve our services," the spokeswoman said.
Symantec's Norton AntiVirus, which detected 24 percent of the new threats, was the only product of the 17 tested that raised no false alarms. "Norton was again [for the third time] the only anti-virus product in this test which had no false positives," the report said. "This is an indication of high quality assurance tests before the release of updates in order to avoid false positives."
The praise was poorly timed, as Symantec released a signature a week ago that mistook critical Windows files for a Trojan, and after falsely quarantining the files, crippled thousands, perhaps millions, of PCs in China.
Cleminti's report is available online (click on "Comparatives" in the nav bar, then it's report #14).
.gif)
Add your commentComments