Microsoft's Windows Live OneCare security suite has failed a test to detect or stop 37 malicious programs on Windows Vista. Independent security certification body Virus Bulletin tested 15 security suites on Windows Vista against a set of malware from the WildList database. "The tests conducted in our secure labs were against the most significant viruses and worms affecting real-world users," said John Hawes, technical consultant at Virus Bulletin.
"In these days of hourly updates, it is always a surprise and a disappointment to see major products missing them. Computer users deserve to see a better performance than this from security vendors." OneCare detected about 99.91 per cent of the threats, picking up on all macro viruses. But it failed to stop some viruses, file infectors and polymorphic malware which constantly changes in an effort to avoid detection by security software. Microsoft's offering was one of four suites which failed to detect all malware. The others were G-Data AntiVirusKit 2007 v.17.0.6353, McAfee VirusScan Enterprise 8.1i and Norman Virus Control 5.90.
View: The full story
News source: vnunet
"In these days of hourly updates, it is always a surprise and a disappointment to see major products missing them. Computer users deserve to see a better performance than this from security vendors." OneCare detected about 99.91 per cent of the threats, picking up on all macro viruses. But it failed to stop some viruses, file infectors and polymorphic malware which constantly changes in an effort to avoid detection by security software. Microsoft's offering was one of four suites which failed to detect all malware. The others were G-Data AntiVirusKit 2007 v.17.0.6353, McAfee VirusScan Enterprise 8.1i and Norman Virus Control 5.90.
View: The full story News source: vnunet
What I want to know is what did good? The referenced article only mentions those that "failed." I went to the article that was referenced by the article that this article references ( woo! ) and it requires a paid subscription to view, the cheapest of which is a ridiculous $125 a year! The most expensive being $2,000 a year for corporate environments! o_O!
You would think with that kind of subscription level they could at least afford to keep their site fairly snappy... I am apparently mistaken!
So, I guess 99.91% is a lot better than nothing, but worse than every single other product they tested. Again, a listing of what their full scope of apps were would be nice, but seems to be lacking.
I can't find Virus Bulletin's published results anywhere either...
Avast Pro 4.7: Passed 100%
Kaspersky 6.0.2.546: Passed 100%
NOD23 2.7: Passed 100%
It is a free registration to see the summary pass/fail results of all products here: http://www.virusbtn.com/news/virus_news/2007/02_02.xml
that's a mistake, right? to my knowledge there has only been 8.0i and now 8.5i
Last edited by happymonkey on 06 Feb 2007 - 16:54
37 missed threats isn't much and 99.91% isn't anywhere near failure.
Show me the results from this, depicting how the other major AV's did for a real comparison.
Where are the stats at? If you're only going to say who the losers are, why even post it. I'd be more "concerned" about the McAfee failure than I would OneCare, as it's installed on many corporate environments (and it's still the worst of them all).
They offer the Vista VB100 certification list for free (registration req'd.). They offer the full testing information only to subscribers though, and that may mean you must pay.
But that page does say they tested 15 suites. 11 passed with 100% detection. Of the ones that failed, OneCare did the worst.
EDIT: I registered, and was able to also see the history testing of OneCare. It should be noted that OneCare passed VB100 certification in June 2006. So they went from perfect score to apparently the worst.
On the up side, perhaps Microsoft will see these results as a sign to get back in gear and strive for that 100% perfect score again.
Last edited by markjensen on 06 Feb 2007 - 17:41
So when they talk about failures, they're not saying that OneCare failed to detect the threat. They're saying that OneCare failed to stop/disable/neutralize/remove the threat.
So when they talk about failures, they're not saying that OneCare failed to detect the threat. They're saying that OneCare failed to stop/disable/neutralize/remove the threat.
How's it supposed to remove something it can't find?
What does that have to do with anything I just said?
What does that have to do with anything I just said?
cause you make it appear that removal rate is far more significant than detection rate but if the virus can't be detected it can't be removed.
Don't read what you think I wrote. Read what I actually wrote.
Don't read what you think I wrote. Read what I actually wrote.
True; lets rephrase it; if a piece of software detects 100% of all virus's but only is able to remove 80%, isn't that a whole lot worse than OneCare which, hypothetically might detect 99.91% and remove 100% of virus's detected?
So, you disagree with the article? Yeah, that means it shouldn't be posted anywhere. And, you are the NeoWin editor, right?
How do you carry that ego around with you?
Apart from having the best AV detection and an excellent firewall, it's the Only Security Software to Accurately Detect 100% of Malware in Performance Tests. Works well on Vista too of course.
If your AV software doesn't have a VB100% certification, then don't use them!
99.91% is a failure, it only takes one Malware or Virus to cause a big problem.
If that didn't exist, I guess NOD32 or Kaspersky would be my next choice.
Microsoft's attempt wouldn't be in my top 10 that's for sure - and that's before this recent review.
What doesn't surprise me it all is that POS McAfee sells...trust me, from what I and so many others have seen those using McAfee, I'd rather deal with the virus.
What doesn't surprise me it all is that POS McAfee sells...trust me, from what I and so many others have seen those using McAfee, I'd rather deal with the virus.
"No one app can kill everything"? Well, 11 of the 15 products did just that. "Not one", indeed! It was eleven that succeeded.
Heck, even the free Avast is a lot better than OneCare, which you actually have to pay for (but apparently there are enough clueless n00bs who pay for it).
Boooo!
That was the worst thing I ever heard!
It was terrible!
Horrendous!
Well, it wasn't that bad.
Oh yeah?
There were parts of it I liked.
Yeah, I liked a lot of it.
Yeah, it was good, actually.
It was great!
It's wonderful!
Ah, bravo!
More!
It starts with "Man what a ****ty program, it fails the virus test", then "Ah well they're new to the game", finally "Well 99.8% isn't that bad, quite good actually"
I like OneCare, it works great for a good price.
99.91% might be considered good if everyone else was in that range but with so many others doing better then Microsoft needs to get back to work. We settle for '2nd best' too many times and the area of security should not be one of them.
Hello,
For those who are not familiar with it, Virus Bulletin is the basically the industry trade magazine for the anti-virus industry. Every other month they publish a Comparative Review where they test a range of anti-virus products on a particular platform, such as Linux, Novell NetWare, Microsoft Windows Vista and so forth. The test consists of several criteria, the two main ones being that products must detect all 100% of ItW ("In the Wild" viruses, as reported by the WildList Organization) and not generate any false-positive alarms of viruses on a clean set of files.
The products tested this month were Alwil Avast, CA Anti-Virus, CA eTrust, CAT QuickHeal, ESET NOD32, FortiNet FortiClient, F-Secure Anti-Virus, G-DATA AntiVirusKit, Grisoft AVG, Kaspersky Anti-Virus, McAfee VirusScan, Microsoft Windows Live OneCare, Norman Virus Control, Sophos Anti-Virus and Symantec AntiVirus. Of those products, the ones that did not receive a VB100 this time were G-DATA, McAfee, Microsoft and Norman.
Almost all products which are tested by Virus Bulletin have failed to receive a VB100 award at some point or another, so the fact that a product does so on occasion should be no cause for alarm. Also, it is important to keep in mind that while Microsoft's Live OneCare is based on technology they acquired from GeCAD in 2003, they are still rather new to shipping a comprehensive anti-malware product (the Malicious Software Removal Tool only detects and removes a subset of known malware) so I think it is fair to say the verdict's still out on their Windows Live OneCare product.
From my perspective, where the Virus Bulletin's tests really come into play is now with an individual comparison but with how they allow one to take a neutral and unbiased look at how vendors' products do over time and see if the detection rate is improving, declining or staying about the same. Bear in mind, that there is more to the magazine than product comparisons. Leading-edge research, descriptions of new malware techniques and threats is all discussed. As a matter of fact, the current February 2007 issue has an interesting article on web-borne malware, which should be of interest to anyone who runs an online forum, for example.
If you are interested in this sort of thing, I would strongly suggest looking into getting a subscription. It is not inexpensive (subscriptions start at $175.00 a year for individuals), however, if it is a subject matter in which you have a personal or professional interest, having access to this sort of information is invaluable.
Regards,
Aryeh Goretsky
Last edited by goretsky on 07 Feb 2007 - 20:23
I was thinking the exact same thing.
99.91% isn't exactly "failing" any test.
I'd would love someone to show me an antivirus suite that scores a 100%, really please show me.
For more in-depth antivirus testing please visit AV-Comparitives.com
99.91% isn't exactly "failing" any test.
I'd would love someone to show me an antivirus suite that scores a 100%, really please show me.
There's a list of products that did better in this article:
http://www.betanews.com/article/Microsoft_...Test/1170809025
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.