[VR-Zone] Microsoft's Security Essentials loses certification after failing AV-TEST

[Karolis]

Let's think for a moment...

How many windows machines have you had to clean malware/tojan/viruses/whatever where the user had been using Internet Explorer?

99.9% .. and my experience some were even using Security Essentials and it was update to date... In most cases you switch the other to any other webrowser Opera/chrome/firefox and advise the user to only use IE on web sites that don't work without it and they rarely ever have a problem. MS can't even stop MSN or hotmail from being hacked so why would you trust their av/firewall products??

One might say there's a pattern there I personally would use the above MS products, but at the same time it's MS' way of keeping IT going and that's important.

IE since at least IE9 had been a really safe browser
https://www.nsslabs.com/reports/brow...neered-malware

[Generic user #2]

In most cases you switch the other to any other webrowser Opera/chrome/firefox and advise the user to only use IE on web sites that don't work without it and they rarely ever have a problem.

man, i can tell you haven't done enough real-life technical support/maintenance. I can personally attest to 0% success rate in 'not using IE prevents malware."

almost all malware infections are PEBKACs.

EDIT:

to be more clear, switching browsers does NOT prevent someone from downloading from a bad link. Teaching them that clicking on bad links is bad when you switch their browsers* is the key to lower infection rates.

* you don't really even need to switch their browsers. although, as a web developer, please do anyways, anything below IE10 is unacceptable.

[Particle]

It's interesting to note AV usage through the scale of increasing computer savviness.

Clueless - Runs whatever their PC came with, if anything.
Normal - Installs an alternate browser and some crappy AV solution.
Clever - Installs an alternate browser and claims AV isn't necessary because they're clever.
Informed - Installs an alternate browser, exercises good caution to avoid malware when possible, but still runs a good AV package to protect against that which can't be avoided simply by being a clever user.

Only those ignorant of security and malware in this modern age assume that they can be safe because they know to hover over links to see where they're going, refuse to open attachments from those they don't know, and other such basic things. If your computer is connected to the Internet, you're vulnerable no matter who is sitting at the keyboard. If your computer is a PC you bought in 1992 that never has anything new installed on it and doesn't have a NIC, congratulations, that boring system is safe.

[safan80]

IE since at least IE9 had been a really safe browser
https://www.nsslabs.com/reports/brow...neered-malware

Windows xp still has 40% of the windows market and cannot run it.

man, i can tell you haven't done enough real-life technical support/maintenance. I can personally attest to 0% success rate in 'not using IE prevents malware."

almost all malware infections are PEBKACs.

EDIT:

to be more clear, switching browsers does NOT prevent someone from downloading from a bad link. Teaching them that clicking on bad links is bad when you switch their browsers* is the key to lower infection rates.

* you don't really even need to switch their browsers. although, as a web developer, please do anyways, anything below IE10 is unacceptable.

Teaching internet security in a vacuum?
It takes more than teaching a person to avoid bad links, they have to want to change their bad internet habits. You are teaching them to be more security aware such things as keeping their ant-virus software up to date and having the latest security patches installed. Sure the younger users are easier to get to about internet security, but it?s the older users that are not tech savvy a lot of times just don?t care, they just want their games and MS office to work. Most users that are in a bad way are still using windows xp which stops at IE8. Windows 7 doesn?t even have a final release build for IE10 yet. There are computer users that act like drunk drivers who don?t care that he drives drunk or in this case uses the computer in a unsafe manner he?s going to become a repeat offender. I teach them but I'm not responsible for the choices the user makes on their own.

It's interesting to note AV usage through the scale of increasing computer savviness.

Clueless - Runs whatever their PC came with, if anything.
Normal - Installs an alternate browser and some crappy AV solution.
Clever - Installs an alternate browser and claims AV isn't necessary because they're clever.
Informed - Installs an alternate browser, exercises good caution to avoid malware when possible, but still runs a good AV package to protect against that which can't be avoided simply by being a clever user.

Only those ignorant of security and malware in this modern age assume that they can be safe because they know to hover over links to see where they're going, refuse to open attachments from those they don't know, and other such basic things. If your computer is connected to the Internet, you're vulnerable no matter who is sitting at the keyboard. If your computer is a PC you bought in 1992 that never has anything new installed on it and doesn't have a NIC, congratulations, that boring system is safe.

I would add the users who are aware of that that they need to be cautious of their habits on the internet to a separate group knowledgeable but dangerous.

[chinaguy]

I use MSSE in school on 400PCs and it keeps them all clean of infection! If it can protect a PC with a bunch of junior hackers using them it must work ok!

[kromosto]

I use MSSE in school on 400PCs and it keeps them all clean of infection! If it can protect a PC with a bunch of junior hackers using them it must work ok!

the question is are you sure they are clean? My co worker said nearly the same as you "I use MSE and my computer is clean". Then i simply install trial version of kaspersky pure 2.0 after a full system scan it found 8 trojans 3 malwares . Note: he doesn't even visit suspicious sites or make risky things on internet, i mean his common sense is good

[paulbagz]

We have Endpoint protection and have had less issues then when using Sophos.

-PB

[kromosto]

I am using kaspersky for a long time. Now got 6 licences but after all those years KIS2013 made me unhappy. I am not sure if i will continue with kaspersky or change it.

[mattkosem]

Clueless - Runs whatever their PC came with, if anything.
Normal - Installs an alternate browser and some crappy AV solution.
Clever - Installs an alternate browser and claims AV isn't necessary because they're clever.
Informed - Installs an alternate browser, exercises good caution to avoid malware when possible, but still runs a good AV package to protect against that which can't be avoided simply by being a clever user.

I think you're missing the "security crazed, but no AV software" category. Those of us who go out of our way to keep our computers out of harms way by running non-x86 hardware on our primary browsing systems, running less common (Linux) or even obscure OSs (FreeBSD, OpenBSD, Gnu Hurd, etc.), making sure the browser is running with a user that has almost no access to anything, and even still use plugins to prevent scripts from running and don't use flash (the latter primarily because it isn't available on many of these platforms).

I think you're also forgetting the new demographic that doesn't have PCs, and does all of their browsing on Android/IOS tablets and phones where traditional (realtime) AV protection isn't available.

Bottom line, claiming that any people that aren't using AV aren't protected or somehow ignorant is a pretty big generalization.

--Matt

[JaD]

While Security Essentials scored exceedingly well when it came to usability - 5.5 out of 6; which included false positives and system resource impact, but fell down really hard when it came to zero-day protection where it only picked up on 64% of new threats in comparison to the industry standard of 89%.

I'm pretty sure Microsoft's (questionable) monthly definition updates play a big role in this. Most other AV solutions update definitions as often as every day, hence such a high (89%) industry average which can in no way be entirely reliant on ever-failing heuristics: point in case, it's the sole category where MSE performs badly, just like it did on the previous test.

[zalbard]

I'm pretty sure Microsoft's (questionable) monthly definition updates play a big role in this. Most other AV solutions update definitions as often as every day, hence such a high (89%) industry average which can in no way be entirely reliant on ever-failing heuristics: point in case, it's the sole category where MSE performs badly, just like it did on the previous test.

They aren't monthly, they are daily.

[JaD]

My bad then, I just assumed they were since a monthly definition update always shows up along with the rest every second Tuesday of the month.

[Syn.]

I'm pretty sure Microsoft's (questionable) monthly definition updates play a big role in this. Most other AV solutions update definitions as often as every day, hence such a high (89%) industry average which can in no way be entirely reliant on ever-failing heuristics: point in case, it's the sole category where MSE performs badly, just like it did on the previous test.

MSE v1.0 was a very decent product. It got 4, 4.5 and 5.5 in AV-TEST during 2010. This is the point where it got loads of publicity and main AV companies showed their distaste for MS trying to compete with paid products with a free product. In 2011 MSE v2.0 was released and it got much poorer results in AV-TEST 2.5, 3.5 and 5.5. MSE 2.1 got 3.0, 5.5 and 5.0. Latest protections are down to 1.5. Its quite obvious. MSE is basic AV/AS protection nothing more. Hence why MSE v5 is called Windows Defender in Win8. Plus i am sure all other AV companies appreciate for MSE performing worse.

http://www.av-test.org/no_cache/en/t...t_no%5D=102237
http://www.av-test.org/no_cache/en/t...t_no%5D=110968
http://www.av-test.org/no_cache/en/t...t_no%5D=121355

[BababooeyHTJ]

Can you disable the anti-virus portion of Windows defender in Windows 8 and still use the firewall?

[Syn.]

Can you disable the anti-virus portion of Windows defender in Windows 8 and still use the firewall?

You can. Install other AV.

[Ket]

I've used Avast with Waterfox for some time, combined with common sense I've never got any viruses / malware etc. Yay

[WangChung]

AVG Free for almost a decade here.
Common sense about not clicking on links/ads.
Install ABP on people's machines with Chrome/Firefox to keep them from clicking on stupid stuff.

Any questionable links I want to check out, I fire up a Mint VM and go from there.

Virus free since ~2003

[Mats]

Hence why MSE v5 is called Windows Defender in Win8. Plus i am sure all other AV companies appreciate for MSE performing worse.

It says version 4.0 here in W8.

[TurboDiv]

Since I have no common sense and do all my banking online, I use Kaspersky Internet Security. Last few years no issues at all.

[Syn.]

It says version 4.0 here in W8.

Strange. That would mean they rebranded an older version. Maybe something went wrong with the 4.1. I assumed since MS billed Win8 Win Defender as a replacement for MSE 4.1 that it would mean it is v5. Anyway i am testing out Bitdefender atm, seems very nice so far.

[Sparky]

AVG Free for almost a decade here.
Common sense about not clicking on links/ads.
Install ABP on people's machines with Chrome/Firefox to keep them from clicking on stupid stuff.

Any questionable links I want to check out, I fire up a Mint VM and go from there.

Virus free since ~2003

I stopped using AVG once it became huge bloated and was actually causing weird webpage stalling. Removed and issues went away.

Honestly I don't even use AV software on my personal PC anymore. I've never needed it in the past and I don't go to dark corners of the internet anyway, so my chances are already pretty low of getting an infection. I run a MBAM scan on occasion and have yet to find anything.

[Buckeye]

I am using kaspersky for a long time. Now got 6 licences but after all those years KIS2013 made me unhappy. I am not sure if i will continue with kaspersky or change it.

I am in the same boat as you, Kas 2013 just simply is the worst on Windows 8 & 7 for that matter.
I built 7 machines the other day running Win 7. The client wanted Anti-Virus and I have used Kaspersky for a long time. I purchased two Kas 2013 packs from Newegg and it would not install on Win 7. I ended up finding a Kas 2012 download and used that.

What Aniti-Virus is good now for Win 8 ?

[Nelly]

I am in the same boat as you, Kas 2013 just simply is the worst on Windows 8 & 7 for that matter.
I built 7 machines the other day running Win 7. The client wanted Anti-Virus and I have used Kaspersky for a long time. I purchased two Kas 2013 packs from Newegg and it would not install on Win 7. I ended up finding a Kas 2012 download and used that.

What Aniti-Virus is good now for Win 8 ?

Did you try the latest product update Version 2013 (13.0.1.4190) >> http://www.kaspersky.co.uk/productupdates

Only time I've had an issue with Kaspersky was a very early version of 2012, Kaspersky update the overall product every so often to iron out any bugs.

Mine runs out in the next few days, I might give something else a try... been using Kaspersky for about 5 years.

[Sparky]

One of our clients uses Kaspersky in their office and I swear every time I'm in there each month at least one PC hasn't updated in days because the updater has been stuck "downloading" for 200 hours doing nothing.

[Buckeye]

Did you try the latest product update Version 2013 (13.0.1.4190) >> http://www.kaspersky.co.uk/productupdates

Only time I've had an issue with Kaspersky was a very early version of 2012, Kaspersky update the overall product every so often to iron out any bugs.

Mine runs out in the next few days, I might give something else a try... been using Kaspersky for about 5 years.

On my Win 7 machines with KAS 2012 they work great.
I have used the latest KAS 3013 on fresh Win 7 machines and it won't install.
When running KAS 2013 there are just to many issues to keep in on my machine.