http://www.techworld.com/security/news/index.cfm?newsID=8169 By John E. Dunn Techworld 02 March 2007 A new test of anti-malware programs has found that Microsofts OneCare software is by some margin the weakest product on the market. Austrian outfit, AV Comparatives, found that out of 17 programs put through extensive tests against a wide range of malware, OneCare was only able to detect an average of 82.4 percent of what was thrown at it. To put this into context, the next worse program, Dr Web, scored 89.27 percent, with the other 15 programs under scrutiny scoring rates from approximately 92 percent to 99.5 percent. The top-scoring programs were G Data Securitys AntiVirusKit (99.45percent), AECs TrustPort AV (99.36 percent), Aviras AntiVir PE Premium (98.85 percent), Kaspersky Labs Kaspersky AV (97.9 percent), and MicroWorlds eScan Anti-Virus (97.9 percent). Rival big-name brands such as McAfees VirusScan, Symantecs Norton Anti-Virus, and GriSofts AVG, scored 91.6 percent, 96.8 percent, and 96.3 percent respectively, well above OneCares poor showing. The tests set the programs against a million-sample round-up of malware, including Windows and macro viruses, worms, backdoors, rootkits, Trojans, scripts, diallers, and spyware. AV Comparatives also tested each program against a sample of polymorphic viruses, a class of malware where a large number of related variants are generated from an original piece of malware. Detection rates for these are considered to be an acid test for anti-malware programs because it demonstrates the flexibility of a products detection engine. Again, OneCare scored weakly, detecting only 4 out of the 12 polymorphics pitted against it. The majority of other products found between 6 and 12 of these, with only three programs achieving poorer scores. Unlike all of its rivals, Microsofts OneCare is a new and clearly still immature product, and the company will no doubt aim to improve its performance as time passes. Nevertheless, it has a chequered recent history, falsely flagging Googles Gmail email service as suspicious, only last November. Then, two weeks ago, the companys Defender product scored poorly in tests carried out by an Australian lab, Enex Testlab. Defender was only able to pick up just over half of the malware tried against it. _________________________________________ Visit the InfoSec News Security Bookstore http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Sun Mar 04 2007 - 22:18:06 PST