Beta of Microsoft's antispyware tech falls short in tests

As Microsoft continues its own foray in to the security software business, critics (mainly supporters of the existing cottage industries) have argued that Microsoft will never to be able to build antivirus, antispyware, and personal firewall tools that are as good as those that come from the third party providers that are far more focused (as a percentage of the companies' overall efforts) on malware -- companies like Symantec, McAfee, and Zone Labs (a subsidiary of Checkpoint).  Meanwhile, other industry observers see Microsoft's entries as being the death knell for third party products.  When I last asked long time Zone Labs executive Fred Felman for his assessment (Felman has exited the security business for now and is pursuing other opportunities),  the only thing he would say on the record is that he thinks the security business "is beat" right now (as in "out of gas").  That doesn't mean it can't find some successful niches (for example, products that focus on the needs of enterprises).  For those waiting to see how the rubber actually meets the road, Suzi Turner -- ZDNet's Spyware Confidential blogger -- has been conducting a series of exhaustive tests to see how well Microsoft's Windows Defender (currently in beta) holds up to other products that are designed to keep our systems spyware free.  While her tests are not finished yet, the results could be proving the critics of Microsoft's strategy correct.  Writes Suzi in her blog:

Windows Defender detected and removed approximately 65% to 75% of the spyware compared to SpywareDoctor and SpySweeper. Windows Defender left behind quite a few registry keys.  It did better with file removal than with registry clean up.

Windows Defender is the name of Microsoft's antispyware product.  It will be included for free in Windows Vista and a free download will be made available to users of Windows  XP SP2.  The two caveats to Suzi's conclusions so far are that Windows Defender is still in beta and that she's not done with her testing.  With a product that's in beta, anything can change. In her first round of tests, Suzi basically checked to see how good Windows Defender was at removing spyware after the fact (in other words, after it was already put onto the system).  Windows Defender also includes some realtime protection capabilities designed to catch spyware before it sneaks onto your system.  Between WD's removal capabilities and it's real-time protection capabilities, it may very well prove to be worth it's free price.  So stay tuned to Suzi's blog for her findings. 

On a related note, Suzi is conducting her tests using the virtual machine technology found in VMware's VMware Workstation.  In addition to the many reasons I've proposed that everyone should be using virtual machine technologies like VMware or Microsoft's Virtual PC, testing new software and Web sites is another one.  If the software doesn't work or that Web site turns out to be malicious, if you run your tests in a virtual machine, then those tests cannot negatively impact the rest of your system .   And speaking of malicious Web sites, Suzi found a new one today -- a Web site that poses as the provider of an antispyware tool called Spy-Shield, but that installs adware on your system.  Keep away (and where are the authorities... this is fraudulent!).