News

Microsoft Slams Failing Test Results for Security Essentials

Redmond claims AV-Test methodology is flawed.

It's deja vu, all over again. Or maybe Groundhog Day.

Last December, Redmond magazine reported that Microsft's free antivirus program, Microsoft Security Essentials, failed when AV-Test, a German security firm that specializes in evaluating antivirus software, put it through the wringer.

Apparently, Microsoft was not fazed by the report, and did little to help its score. Case in point: AV-Test is back again with another test and Microsoft's Security Essentials continues to come up short.

In the recent test, which was conducted over the month of December, Microsoft's antivirus was only able to protect 78 percent of zero-day malware attacks. While this is a slight improvement over the last test (in which Security Essentials only blocked 71 percent), it falls well short of the industry average of 92 percent.

While Microsoft was quiet when I wrote about November's test in December, it's been very vocal this time around, claiming that AV-Test's methodology is flawed. And its main argument was that the average Security Essentials user does not encounter the same type of malware that AV-Test used during its evaluation.

"Our review showed that 0.0033 percent of our Microsoft Security Essentials and Microsoft Forefront Endpoint Protection customers were impacted by malware samples not detected during the test," wrote Joe Blackbird, program manager for Microsoft Malware Protection Center, in a blog post. "In addition, 94 percent of the malware samples not detected during the test didn't impact our customers."

According to Microsoft's own testing, Security Essentials blocked a near-perfect 99.997 percent of zero-day attacks. While there could be questions concerning the validity of testing your own products, Microsoft's data is based off of real-world results.

Honestly, I'm a bit puzzled why Microsoft even responded to the AV-Test analysis in the first place. Its Security Essentials is the king of the mountain when it comes to market share (26.7 percent of North America, according to OPSWAT, so it obviously has the support of its customers.

And readers of this blog shared that same sentiment with me. When it comes to Microsoft, Redmond magazine readers have no objection to being overly critical of the company. However, you guys really like Security Essentials.

Dan from Iowa also provided some great insight on why that is, and why an antivirus shouldn't be measured based solely on its ability to block zero-day attacks:

"What's missing from the antivirus testing mentioned above is a measurement on stability. AV needs to work well as a background process. The reason MSE does so well is not because some testing firm found it detected this vulnerability that something else did not detect. The reason is because it is far more stable than most other anti-virus systems out there. Not surprisingly, if your testing doesn't involve actually having to support production services, things like Avast and Symantec can score well. However, in the real world, it has to run for weeks at a time without crashing your systems, and that is where MSE seems to shine over many of the other options."

 

About the Author

Chris Paoli is the site producer for Redmondmag.com and MCPmag.com.

comments powered by Disqus

Featured

  • Visual Studio 2019 v16.7 Ships with Better Git Integration

    Better GitHub integration and other improvements highlight the new Visual Studio 2019 Version 16.7 and first preview of v16.8.

  • Visual Studio Codespaces Private Preview Woos C++ Developers

    Microsoft announced a private preview of Visual Studio Codespaces, which eases the setup and use of cloud-powered development environments that can be used from anywhere for remote development and other scenarios, targeting C++ console app and library developers.

  • Data Prep for Machine Learning: Normalization

    Dr. James McCaffrey of Microsoft Research uses a full code sample and screenshots to show how to programmatically normalize numeric data for use in a machine learning system such as a deep neural network classifier or clustering algorithm.

  • Microsoft Intros Azure Well-Architected Framework Best Practices

    Taking a page from the Amazon Web Services (AWS) book on cloud computing platforms, Microsoft has introduced its own Azure Well-Architected Framework, providing a set of architecture best practices to help users build and deliver great solutions and improve the quality of cloud workloads.

  • Creating a Progressive Web App with Blazor WebAssembly

    Not surprisingly, it's dead easy to create an app in Blazor that runs outside of the browser window and (potentially) in an offline mode. Before you get carried away, though, there are some key design decisions to make.

.NET Insight

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.

Upcoming Events