January 18, 2013 report
Microsoft Security Essentials misses AV-Test Certified status
AV-Test is an independent testing lab based in Germany. As a service provider in IT security and anti-virus research, they aim at detecting and analyzing malware, and informing customers of results. Their work is done at laboratories in Magdeburg and Leipzig.
Microsoft's site presents Microsoft Security Essentials as "built for individuals and small businesses, but "based on the same technology that Microsoft uses to protect giant businesses."
Microsoft missed certification by one point on the current test. In the previous failure the company missed certification by half a point.
"During November and December 2012 we continuously evaluated 25 home user security products using their default settings," said the AV-Test account of its recent testing.
"We always used the most current publicly-available version of all products for the testing. They were allowed to update themselves at any time and query their in-the-cloud services. We focused on realistic test scenarios and challenged the products against real-world threats. Products had to demonstrate their capabilities using all components and protection layers."
Microsoft, meanwhile, issued a statement regarding the test results. "We continually evaluate and look at ways to improve our processes. We know from feedback from customers that industry testing is valuable, and their tests do help us improve," said Joe Blackbird, program manager, Microsoft Malware Protection Center, in a response. "We're committed to reducing our 0.0033 percent margin to zero."
On Microsoft's side, he said, "We conduct a rigorous review of the results whenever test results warrant it. We take the protection of our customers very seriously, and the investments we make to do these reviews is an example of that commitment."
At the same time, he said, it was difficult for independent anti-malware testing organizations to devise "tests that are consistent with the real-world conditions that customers live in." Blackbird reviewed a number of points, using figures to support his views. He offered "some key upfront data points to keep in mind." Among the points listed in his response:
"AV-Test's test results indicate that our products detected 72 percent of all '0-day malware' using a sample size of 100 pieces of malware. We know from telemetry from hundreds of millions of systems around the world that 99.997 percent of our customers hit with any 0-day did not encounter the malware samples tested in this test."
© 2013 Phys.org