Before you rely on Security Essentials to keep you safe, you might want to look at its accuracy record.
Last week’s blog post from Alan Shimel that showed Microsoft’s antivirus software, Security Essentials, is the most popular antivirus software product in the world came as no surprise. They give it away for free and push it on you if you go anywhere near Microsoft.com.
The encouraging news in the report is that people aren’t settling for
just MSE. They are also picking other products from Kaspersky, McAfee,
ESET and AVG. That’s good news because even Microsoft will be the first
to say that MSE isn’t meant to be your only line of defense.
MSE was an optional download for earlier operating systems, but
Microsoft has since rebranded it as Windows Defender and offers it out
of the box with Windows 8. All told, the security rate isn’t bad.
BitDefender, which I wrote about last month, ran some tests on Windows 8 and found that a system with just Windows Defender stopped 85% of the malware samples used in the tests.
On the down side, though, Microsoft appears to be falling behind in security and has just been dinged by AV-Test,
an independent German lab that does antivirus effectiveness testing.
From September to October 2012, the effectiveness of Security Essentials
at spotting zero-day malware attacks - catching unknown viruses that
are new in the wild - dropped from 69% to 64%. The industry average is
89%.
For detecting malware that's been discovered in the past few months,
Security Essentials scored a 90% detection rate, which is still well
below the 97% average for the industry. That’s just bad no matter how
you slice it. As a result, AV-Test has withdrawn its certification for
MSE.
In October, independent U.S. testing firm NSS Labs rated [PDF] MSE’s overall effectiveness at 65%, compared to the top dog, Kaspersky Internet Security 2012, at 92%.
I would have to think that the problem is due to how frequently
Microsoft updates MSE. I usually see an update to the library
definitions on Patch Tuesday. ESET’s NOD32, my main AV program, updates
once or twice a day. The way things work in malware, you just can’t go a
month in between updating virus definitions.
But, again, MSE isn’t trying to catch every last bit of malware.
Malware has a ridiculously long tail. If you get the top 100 pieces
floating around, you catch the vast majority. It’s your other
antimalware software that catches everything.
MSE lost AV-Test’s seal of approval in September 2010, but with the
release of version two in December 2010 it got the seal of approval
back. Even if Microsoft gets it back again, you really need a second,
stronger line of defense.
Clearly, Kaspersky has the lead, judging by both the AV-Test and NSS
tests. I’ve been very happy with ESET’s NOD32. It’s written in
assembler, so it’s very fast and very small. I can run a full system
scan in the background while playing Call of Duty with no system
impediment. Then again, my person system is a bit of a monster, not your
typical employee issue at the office.
The bottom line is that MSE is a good start, but you need to keep going.
No comments:
Post a Comment