We might as well start with the moral of this story: Don’t protect Windows with Windows.
For at least a decade, Microsoft has been chanting the mantra, “at Microsoft security is job one,” over and over and over. During this time, it’s repeated this mantra often enough to convince a lot of people that Windows is much safer than it once was, which I suppose is true since it couldn’t have gotten much worse. However, a new report from AV-Test proves the company isn’t yet ready to move up to the next mantra level and begin chanting, “at Microsoft we do security right,” because clearly it doesn’t.
AV-Test is an independent German organization that evaluates and rates antivirus and security software for Windows and Android, and publishes the results of their tests every two months, offering certification to antivirus solutions that pass muster. Last Wednesday, the organization published some figures on the results of tests on various antivirus programs protecting Windows 7. Since then, the tech press has been having a heyday with the results — not because any particular antivirus solution emerged as a clear winner, but because Microsoft was the clear loser.
As I wrote a couple of weeks ago in another antivirus related story: Poor Microsoft can’t catch a break.
How poorly did Microsoft’s AV perform? So poorly that AV-Test wouldn’t recommend them. In a section of the report outlining why Windows 7 needs protection, the organization says this about Redmond’s own AV protection:
“An economical option for protecting a corporate network is the use of the endpoint module, bundled in the Microsoft Management Suite System Center 2012. The test revealed, however, that this is not to be recommended. The solution was awarded 0 points by the testers in terms of its protection function, and it achieved only 11 out of 18 possible points.”
Ouch! And the irony is, the Microsoft product wasn’t even being tested for certification, but as a comparative base.
So let’s look at the comparison: Under the “Protection” heading, where Microsoft scored its zero, half of the apps tested received a rating of six, the maximum, and two companies’ products, Bitdefender and Kaspersky, received maximum scores across the board. Microsoft fared better in the other two sections, scoring five out of six points under “Performance,” which measures how much system resources a program uses, and six out of six points for “Usability.”
The failure came because the Microsoft product isn’t very good at recognizing threats — which is the whole purpose of AV programs. According to AV-Test. it failed at recognizing unknown threats by behavior and at recognizing known malware from it’s database of definitions:
“In this critical test area, a total of 6 products achieved a 100% detection rate, earning the maximum score of 6 points. This included Bitdefender, F-Secure, Trend Micro, Symantec, and both solutions from Kaspersky. Microsoft Security Essentials, tested for comparison, detected only 73 and 87 percent respectively in the test. This accounted for the rating of 0 points.”
I know what you’re thinking, especially those of you who defend Microsoft. You’re thinking that Microsoft’s anti-virus solution isn’t meant to be a last defense. Microsoft only expects its free AV to be used until a third party solution is implemented. Sounds good, but it’s wrong. Actually, Redmond pushes its AV on its website as all that’s really needed to keep a Windows machine safe and secure:
“Use Microsoft Security Essentials to help guard against viruses, spyware, and other malicious software. It provides real-time protection for your home or small business PCs.
“Microsoft Security Essentials is free and we designed it to be simple to install and easy to use. It runs quietly and efficiently in the background so you don’t have to worry about interruptions or making updates.”
I assume that most enterprise users of Microsoft products already know not to trust Redmond to handle Windows’ security. I worry, however, about the poor consumer who plops a thousand dollars down for a laptop, and thinks it’s just fine to stop in to use the free Wi-Fi at Mickey Dee’s for a quick check of the bank account while being protected by nothing more than the best Redmond has to offer.
Help keep FOSS Force strong. If you like this article, become a subscriber.