Microsoft defends Security Essentials after "failing" AV-Test certification

On Wednesday, AV-Test failed Microsoft Security Essentials in its antivirus certification program, claiming that Microsoft's program only protected against 78 percent of "day 0" malware attacks. It also claimed that it detected 90 percent of the malware that has come up in the last few months, when the industry average is 97 percent.

Microsoft has since give their own statement on AV-Test's findings. As far as the "day 0" statistics, Microsoft says, "We know from telemetry from hundreds of millions of systems around the world that 99.997 percent of our customers hit with any 0-day did not encounter the malware samples tested in this test." In addition, Microsoft said that 94 percent of the malware that AV-Test says Microsoft Security Essentials missed "were never encountered by any of our customers.'

Microsoft says that it is working to cut down "our 0.0033 percent margin to zero." It added:

In December 2012, we processed 20 million new potentially malicious files, and, using telemetry and customer impact to prioritize those files, added protection that blocked 4 million different malicious files on nearly 3 million computers. Those 4 million files could have been customer-impacting if we had not prioritized them appropriately.

Source: Microsoft Malware Protection Center blog | Image via Microsoft

Report a problem with article
Previous Story

Kim Dotcom: Mega to offer 50 GB of cloud-based file storage for free

Next Story

Microsoft releases demo of its proposed web audio-video chat standard

64 Comments

Commenting is disabled on this article.

I don't get this, haven't they been having trouble with tests for ages? I decided to delete MSE a while ago because of this. Since then I've been using Unthreat Antivirus and I'm much happier.

MSE is before in NOT slowing down my computer. Seems every other anti-virus I use slows it down no matter what computer I use.

moloko said,
MSE is before in NOT slowing down my computer. Seems every other anti-virus I use slows it down no matter what computer I use.

I agree MSE doesn't slow down! The same for Webroot! Webroot and MSE are the most system friendly AV Softwares

I don't see why people just don't run MSE and another AV like Avast on the same machine, they are both low impact and you don't really notice either of them being present with the right settings

Can't say i'm a big fan of MSE since i experienced the problem where it would slow down the PC when scanning a large folder.

I've got it installed on the spare media streaming PC but for my computer and laptop i use everyday i've installed Avast just because it's got a good balance of being light, scanning quickly and having good detection rates.

I don't trust MSE. It's not just this test it has done badly on - look at any popular independent test and you will see a similar result.

I've been using MSE for a long time, but recently I switched to Panda Cloud. There were some weird situations when MSE was using 99% of my CPU scanning like crazy (for example when I was extracting an archive, or installing something - > those were slowed down a LOT because of MSE) and we have Panda at work, so I decided to give it a shot. Still, I love MSE and I would recommend it to anyone, it will get much better in time. Don't forget that this AV is quite young, compared to others, so there is a lot of room for improvement.

I've spent a lot of money in the past for anti virus software. I've tried a few free options too. I 've been using Microsoft's Security essentials for about the past 3 years now and I like it. MSE and common sense goes a long way. I've never had a virus until now. And it's light on resources.
Gone are the days of the badass doorman who throws your friends out and you can't fire him 'cos he'll burn your business down if you try .

I also have been using MSE for the last couple of years. Together with some common sense it has been pretty good for me

I repaired a number of machines for people that had Norton, AVG, McAfee, etc on them and they brought them to me with those fake antivirus programs. After cleaning the machine of that crap I installed Microsoft Security Essentials on all of them. I run MSE on all my machines (6).

While debatable as which is the best, I find MSE to be the least obtrusive, I've had to remove software such as Norton AV, from lots of ppl's computers, because it was bogging down their system, or other ones because they were fed up with Nagware, begging you to register or buy their 'pro' versions.

I have used MSE since I can remember. The best part of MSE is that is practically invisible, not a resource impact and haven't had a virus ever.

I'm sure MSE is good and all that but I go by what the reviews say every year, this year I'll be going with bitfender, next year it could be MSE who knows but I would rather trust the reviews than to go by blind devotion to a company because I like their operating system.

I love Webroot! It's impact on system is 0. Zero CPU usage and only 3MB of RAM. It doesn't even slow down the startup unlike Norton monster

AV-Test's chosen "samples" are a bogus representation of malware, at best. As always.
Security Essentials is decent, more so than any other free antivirus product except avast! which is the best.

DoomsDayMayan said,
So the other companies that passed can pass a bogus test and Microsoft can't. That is what you are telling me?

No, that's not what I'm telling you. Work those brain cells a little.

I use MSE and I install it religiously on client computers after they've had an malware attack and been using some other AV product and since doing so I've not had any of them complain about Viri/Malware infections... I also take the time to explain to them that not everything you can click on on the net is safe don't just blindly click "yes" to everything slow down and take a minute to read what it is they're asking you to install if you don't like the looks of it then click no or cancel, if it's in an email from someone you know but isn't something you'd expect them to be sending you then delete it chances are good that it's an Virus/trojan or malware

Now this is entertaining. In the original story "Microsoft Security Essentials fails AV-Test certification (again)" most of the posts were MSE haters.

Now in this story, there are mostly MSE supporters.

Personally I don't like MSE, I never have. I think it's CPU hungry and doesn't do a very good job protecting people from fake AV's.

you can say you don't like the software because you don't feel like it's protecting you... but to say it's cpu hungry is just nonsense. are you running it on an old 286?
i have it running on my win 7 netbook and it uses 0% cpu and 324K memory.

wookietv said,
you can say you don't like the software because you don't feel like it's protecting you... but to say it's cpu hungry is just nonsense. are you running it on an old 286?
i have it running on my win 7 netbook and it uses 0% cpu and 324K memory.

324k .... are you sure about that?

lol wtf kind of computer are you running, MSE is always at 0% CPU and about 45,000k memory for me, your CPU hogging claims are most likely bull****.

I think he's talking about the bug that makes it consume loads of CPU when you load a large folder with a lot of executable files in it, a bug I still don't believe they have fixed after 3 years

warwagon said,
Now this is entertaining. In the original story "Microsoft Security Essentials fails AV-Test certification (again)" most of the posts were MSE haters.

Now in this story, there are mostly MSE supporters.

Personally I don't like MSE, I never have. I think it's CPU hungry and doesn't do a very good job protecting people from fake AV's.

EVERY realtime AV product is going to consume CPU resources or it would NOT be working.

MSE on average consumes significantly less CPU, as it uses OS API handed filters instead of injecting itself into areas of the OS that can create performance or instability problems.

So you may see CPU usage, but you won't see 'extra' CPU usage for network packet checking and other ancillary and irrelevant checking that other products are handling.

(Just gaming alone and not 'retarding' packets through a filter alone is reason enough to use MSE over most other products.)

Interesting, as I've had MSE installed on every PC in my house as well as on the PCs of all my family members. Even on a computer running Windows XP with an old first gen Pentium 4 with 512 MB of memory, MSE did not cause any performance problems.

Let us hope that Microsoft does not follow the same path of Java. It was great in the beginning, but then.... People end up uninstalling it from their computers.

TsarNikky said,
Let us hope that Microsoft does not follow the same path of Java. It was great in the beginning, but then.... People end up uninstalling it from their computers.

Its intergrated into Win8, so i dont think its going anywhere, neither is it unstallable (although it will disable itself when another AV takes over)

I still have a soft spot for Avast since they have offered free personal AV since way back in the day, but i havent installed an AV since MSE came out. And to be honest, my computer habbits are completely different then they were during the XP days lol.

"VIRUS DATABASE UPDATED!" I can't count how many times that scared the crap out of me at night when I forgot and left my speakers on. lol

I still use Avast on XP machines because it seems to run more smoothly than MSE. But all my Windows 7 machines (and those I troubleshoot for friends) get MSE.

Go, MSE. go. I have tried many antiviruses, both free and paid, and i find MSE best. Not slowing my pc, keeps it safe, what do i need more?

Exactly why I use it. I haven't had a virus since starting to use MSE (and before) so I see no reason to change. It never nags me. The only time I ever get a message from it is if it detects any malware. It doesn't bring my computer down to a crawl and updates are handled automatically by Windows Update. It's wonderful.

I HATE real-time AV, but it's a fact of life anymore, so if it wasn't for MSE coming along I'd be using nothing (win7 essentially demands you have an AV, so since MSE is an extension/replacement for the default Defender on win7, it's pretty much a no-brainer). Of course, being careful using a secure (as possible) browser and common sense is the other requirement.

I have tried the last 2 Avast versions, and while it is very nice indeed, it was quite overkill to my taste. But that would be my second choice (or "Norton Security Suite" free from comcast which actually is the best performing of all I have tried!).

for those of you who say its the best free antivirus you probably haven't tried avira or bitdefender's free versions. MSE has missed several viruses for me hence why i no longer use it. Avira gets everything, admittedly i get a fair few false positives but i'd rather have that than viruses.

It always does badly in av-comparatives.org tests too, it just isn't a good program. If i were microsoft i'd buy Bitdefender and integrate their technology into it's products.

Edited by torrentthief, Jan 17 2013, 8:39pm :

Best doesn't necessarily mean best detection rates, it also means nil (or very low) false positives and an ability to stay out of the way. For people who uses antivirus for those rare moments when their common sense is on a coffee break, the latter is more important. Neither Aivra nor Bitdefender is as good as MSE in being forgotten.

Someone please help with my reading comprehension here, how does Microsoft know that customers did not encounter the samples in the AV-Test if their own MSE couldn't catch it?

If they have this telemetry data that can so accurately point out malware or a 0-day, shouldn't they also have a virus definition in MSE for it?

I'm glad I'm not the only one who thought that this was nuts. I knew when I saw the headline, I'd see some BS so of course I had to click.

I'm guessing the malware telemetary data that MS get is not just sent by MSE/Win Defender, and they can somehow tell from the telemetry they also get from the OS.

I've purposely infected my Win 8 PC just to test the new Windows Defender (it's basically now the full MSE) and it's caught it all, even on external USB drives it's instantly caught it.

Its kinda like being able to distinguish the sound of different engines. Although you may know its a car, and that car is running, that doesnt mean you know how to change its oil, or turn it off.

You guys should actually read the tech blog. They went back and asked the client to explicitly look for the missing files.

The telemetry data comes from the "Microsoft Active Protection Service" or "MAPS" that is built into MSE/Windows Defender on 8. MAPS basic membership is enabled by default, and users are able to either opt for the advanced membership (which sends more information about detected malware and potentially unwanted software to Microsoft) or opt out of the service entirely.

http://i.imgur.com/eBPR9.jpg

Never had any virus since I installed windows 8 or stared using it on windows 7.... I believe they are acting to give it bad reputation so that it wont render other companies useless

benalvino said,
Never had any virus since I installed windows 8 or stared using it on windows 7.... I believe they are acting to give it bad reputation so that it wont render other companies useless

this.. im not usually into conspiracy theories, but MSE has made most anti-virus programs obsolete, so it wouldn't surprise me if some of those companies paid a few bucks to make MSE look bad and thus keeping themselves relevant.

I've had all free antiviruses out there,and as soon as mse was released I've installed it and never installed another antivirus.Never had any problems with it and I recommand it to everyone

Just Sal said,
MSE is still the best free AV IMHO.

Yup,

Ive had plenty of viruses stopped right as they appeared. Thank God for MSE, or rather windows defender (now that im using w8).

Agreed. It is the only free AV that I will use, having tried pretty much all of them. I used to love Nod32, but the yearly subscription seemed a waste after 5 years of using it. MSE all the way!

Agreed on that. I was paying for Nod32 for many years. Even though it failed me several times. MSE has only failed me once with the first public beta.

jedimasterk said,
After seeing this report I just switched to Avast.

Have you ever actually encountered problems with MSE or are you overreacting to an article you read on the interwebs?

Well, I used to have MSE installed in 4 computers at my home, but I have since changed to a paid version (Bit Defender, which was the highest scoring AV in AV-Test), because MSE failed to find 2 viruses on my wife's laptop. So far, I'm liking their solution, which even alerts me of updates to all the software I have on my computer.