[ISN] Microsoft's own antivirus fails to secure Vista

From: InfoSec News (alerts@private)
Date: Tue Feb 06 2007 - 22:24:23 PST


By Richard Thurston  
06 Feb 2007

Microsoft's own antivirus software, Live OneCare, is unable to fully 
protect Vista users against viruses; and one of McAfee's antivirus 
software packages also fails to protect users, according to independent 
research released on Friday.

Virus Bulletin, backed by a team of Oxfordshire-based security 
researchers, tested 15 antivirus software packages used by businesses 
and designed specifically for Vista, Microsoft's newest operating 
system, and released to businesses two months ago. The researchers 
tested whether each of the antivirus products would stop a set of 
viruses known to be currently circulating. In order to be awarded a 
pass, the software had to detect all the viruses with no false 

But out of the 15, four failed: Microsoft Live OneCare 1.5; McAfee 
VirusScan Enterprise version 8.1i; G DATA AntiVirusKit 2007 v17.0.6353; 
and Norman VirusControl v5.90. The other 11, including software from 
Computer Associates, Fortinet, F-Secure, Kaspersky, Sophos and Symantec, 
detected all the viruses.

"With the number of delays that we've seen in Vista's release, there's 
no excuse for security vendors not to have got their products right by 
now," said John Hawes, technical consultant at Virus Bulletin. "In these 
days of hourly updates, it's always a surprise and a disappointment to 
see major products missing them [viruses]. Vista cannot fend off today's 
malware without help from security products. It certainly looks like 
people upgrading to the new platform are going to need additional 
security solutions."

Joe Telafici, vice president of operations for McAfee's Avert Labs, told 
ZDNet UK that, in his opinion, Virus Bulletin had not used its latest 
antivirus updates, causing the failure. He said McAfee would issue 
further results with the updated software.

Microsoft pledged to improve Live OneCare. A company spokesperson told 
ZDNet UK: "We are looking closely at the methodology and results of the 
test to ensure that Windows Live OneCare performs better in future tests 
and, most importantly, as part of our ongoing work to continually 
enhance Windows Live OneCare."

On the subject of Vista, the Microsoft spokesperson added: "It's 
important to remember that no software is 100 percent secure. Microsoft 
is working to keep the number of security vulnerabilities that ship in 
our products to a minimum, through our Security Development Lifecycle 
process, and that work is paying off. The release of Windows Vista is 
the first Microsoft operating system to use the Security Development 
Lifecycle from start to finish and was tested more, prior to shipping, 
than any previous version of Windows."

Subscribe to the InfoSec News RSS Feed

This archive was generated by hypermail 2.1.3 : Tue Feb 06 2007 - 22:35:00 PST