MS Security Essentials test shows 98% detection rate for 545k malware samples

According to recent tests conducted by AV-Test.org aiming to measure the performance of Microsoft's Security Essentials, the freeware application achieved a 98% detection rate for 545k malware samples including viruses, bots, trojan horses, backdoors and Internet worms, and a 90.95% detection rate for the 14,222 adware/spyware samples it was tested against.

However, AV-Test.org didn't find any effective "dynamic detection" features (HIPS/behavior blocking) in place, and therefore samples with malicious behavior were not detected due to the application's reliance on malware signatures only.

Testing MS's Security Essentials is one thing; benchmarking it against other market propositions is entirely another. What both of these practices have in common is the potential to leave the end user with a false feeling of security (Does free antivirus offer a false feeling of security?) by ignoring the fact that antivirus software is only a part of their defense-in-depth security strategy (Secunia: popular security suites failing to block exploits; Secunia: Average insecure program per PC rate remains high).

Naturally, the final release of Microsoft's Security Essentials is already sparking debate on its performance characteristics when benchmarked against commercial products offered by competing vendors. For instance, Symantec dismissed the application as "a stripped down version of the OneCare product Microsoft pulled from retail shelves" in July, and most recently commented that it offers "reduced defenses":

"From a security perspective, this Microsoft tool offers reduced defenses at a critical point in the battle against cybercrime. Unique malware and social engineering tricks fly under the radar of traditional signature-based technology alone—which is what is employed by free security tools such as Microsoft's"

And whereas different comparative reviews (Norton Antivirus 2009 Versus Microsoft Security Essentials: A Comparative Anti-Malware test; Anti-Virus Comparative August 2009) show different results, protecting against known threats only, at a time when cybercriminals are efficiently tricking signature-based malware scanners (Modern banker malware undermines two-factor authentication), can cause more harm than good when the attempt amounts to simply building awareness of Internet security threats by offering a freeware antivirus scanner to millions of end users.

What do you think? TalkBack.

About

Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog sharing real-time threats intelligence data with the rest of the community...
