Security Advisor
Microsoft's Security Essentials Fails Antivirus Cert Test…Again
This time Microsoft is speaking out against negative marks issued by AV-Test.
If the headline looks familiar, it's because I reported in December that Microsft's free antivirus program, Microsoft Security Essentials, failed when AV-Test, a German security firm that specializes in evaluating antivirus software, put it through the wringer.
Apparently, Microsoft was not fazed by the report, and did little to help its score. Case in point: AV-Test is back again with another test and Microsoft's Security Essentials continues to be slacking off.
In the recent test, which was conducted over the month of December, Microsoft's antivirus was only able to protect 78 percent of zero-day malware attacks. While this is a slight improvement over the last test (in which Security Essentials only blocked 71 percent), it falls well short of the industry average of 92 percent.
While Microsoft was quiet when I wrote about November's test in December, it's been very vocal this time around, claiming that AV-Test's methodology is flawed. And it's main argument was that the average Security Essentials user does not encounter the same type of malware that AV-Test used during its evaluation.
"Our review showed that 0.0033 percent of our Microsoft Security Essentials and Microsoft Forefront Endpoint Protection customers were impacted by malware samples not detected during the test," wrote Joe Blackbird, program manager for Microsoft Malware Protection Center, in a blog post. "In addition, 94 percent of the malware samples not detected during the test didn't impact our customers."
According to Microsoft's own testing, Security Essentials blocked a near-perfect 99.997 percent of zero-day attacks. While there could be questions concerning the validity of testing your own products, Microsoft's data is based off of real-world results.
Honestly, I'm a bit puzzled why Microsoft even responded to the AV-Test analysis in the first place. Its Security Essentials is the king of the mountain when it comes to market share (26.7 percent of North America, according to OPSWAT, so it obviously has the support of its customers.
And readers of this blog shared that same sentiment with me. When it comes to Microsoft, Redmond magazine readers have no objection to being overly critical of the company. However, you guys really like Security Essentials.
Dan from Iowa also provided some great insight on why that is, and why an antivirus shouldn't be measured based solely on its ability to block zero-day attacks:
"What's missing from the antivirus testing mentioned above is a measurement on stability. AV needs to work well as a background process. The reason MSE does so well is not because some testing firm found it detected this vulnerability that something else did not detect. The reason is because it is far more stable than most other anti-virus systems out there. Not surprisingly, if your testing doesn't involve actually having to support production services, things like Avast and Symantec can score well. However, in the real world, it has to run for weeks at a time without crashing your systems, and that is where MSE seems to shine over many of the other options."
What say you? Is Dan right in that Security Essentials shines due to its integration? And do you use third-party testing firms' data when choosing software? Share your answers below or with me at [email protected].