Dodgy Vista security
p2pnet.net News:- Microsoft’s Live OneCare 1.5 anti-virus software isn’t 100% safe, say tests performed by Virus Bulletin.
VB tests on 15 anti-virus products designed for Vista found four including Microsoft’s, failed to reach the standard required for its VB100 certification, says PC Pro.
The three were G-Data AntiVirusKit 2007 v.17.0.6353, McAfee VirusScan Enterprise version 8.1i and Norman Virus Control 5.90.
“The tests pitted each product against a test set of viruses from the WildList, which details viruses known to be circulating on the Internet,” says the story. For VB100 certification, products had to detect all viruses from the test set.
“We are looking closely at the methodology and results of the test to ensure that Windows Live OneCare performs better in future tests,” the story has Windows Live OneCare product manager Jo Wickremasinghe stating.
With all the delays in getting Vista released, there was no excuse for vendors not getting their products working, says Virus Bulletin technical consultant John Hawes, according to PC Pro.
Live OneCare caught 99.91% of the known active viruses it was tested against, leaving it open to 37 separate malicious programs, says the BBC.
Microsoft’s rivals have also questionedthe effectiveness of Vista’s security, says The Register.
“Anti-spyware vendor Webroot, for example, criticises ‘ineffective blocking capabilities’ in Windows Defender, a product which competes against Webroot’s Spy Sweeper line of anti-spyware products,” says the story. “Webroot also warns of slow (weekly) definition updates, and weak anti-virus capabilities in the default anti-spyware and anti-virus components of Microsoft’s Windows Vista and Live OneCare consumer security suite.
“In tests conducted by Webroot researchers Windows Defender failed to block 84 per cent of a testing sample-set that included 15 of the most common variations of existing spyware and malware. Threats of various types – including adware, system monitors, keyloggers and trojans – were able to reside on the testing environment undetected by Windows Vista, Webroot reports.”
Also See:
PC Pro – Microsoft, McAfee fail to spot Vista viruses, February 5, 2007
BBC – Windows ‘fails’ active virus test, February 6, 2007
The Register – Security watchers lambast Vista, February 5, 2007
Want to subscribe to p2pnet by email with Feedburner? Just click here.
rss feed: http://p2pnet.net/p2p.rss | | Mobile – http://p2pnet.net/index-wml.php | | And use our own p2pnet newsfeeds for your site
If your Net access is blocked by government restrictions, try Psiphon from the Citizen Lab at the University of Toronto’s Munk Centre for International Studies. Go here for the official download, here for the p2pnet download, and here for details. And if you’re Chinese and you’re looking for a way to access independent Internet news sources, try Freegate, the DIT program written to help Chinese citizens circumvent web site blocking outside of China. Download it here.
February 6th, 2007 at 5:45 pm
Of course Webroot is going to discredit Windows Defender. They are competitors, after all. Smearing your opponents is something common in both politics and marketing, regardless of whether or not it’s true.
Webroot themselves conducted these studies. Does that remind you of someone ELSE who doesn’t use independent, unbiased research?
February 6th, 2007 at 7:42 pm
I agree that a competing marketer isn’t going to give a good evaluation to the competitor for fear of losing sales.
Still I have had these concerns of M$ getting into the anti-malware department based on their performance shown in XP patches and updates. M$ did not release the APIs for third party vendors to get their products to work with VISTA till after the OS was already scheduled for commercial site release. They are normally released months in advance. This effectively left a delay where third party could not be seen to compete with M$’s offering until they reprogrammed for the changes required by VISTA.
It came down to EU complaining about M$s policies before the APIs were released. Basically M$ did it at the point of a gun and would have most likely drug its feet as long as possible to prevent the inevitable competition that third party does.
M$ does not do that good a job of covering known security holes as it is. Other than corporate bloat, I have no idea what causes the delays we often see of zero day exploits that don’t see fixes for sometimes months if they come at all.
February 7th, 2007 at 3:20 am
The biggest problem with computer security both in the home and the workplace is users! Especially users who would rather rely on someone else to clean the poop off the fan after the fact than spend any time or effort learning about security themselves.
Get your users to care about security and the rest will take care of itself. Oh and if you do figure out how to get them to care, please tell me how you do it!!