Microsoft bombs another security test

Updated Thursday, January 17, 2012, at 4:50 p.m. PDT with comment from AV-Test.org.

For the second time in a row, Microsoft Security Essentials has failed to be certified as effective by AV-Test.org, an independent testing lab based in Germany.

The lab publishes test results every two months, and the test from November and December 2012 looked at 25 consumer antivirus security programs. Three failed certification: PC Tools Internet Security 2012, AhnLab Internet Security 8.0, and Microsoft Security Essentials 4.1.

This was the second test in a row in which MSE failed to earn certification. That's notable because the software is the most popular security suite in North America and the world according to Opswat. You can check the full AV-Test.org results here.

Dave Forstrom, director of Trustworthy Computing for Microsoft, e-mailed a response to a request for comment on the test results that did not directly address the fact that Security Essentials has failed two consecutive tests.

Microsoft believes in a defense in-depth strategy for antimalware protection that includes using Microsoft Security Essentials / Windows Defender in tandem with other appropriate security features such as SmartScreen, as well as keeping all software up-to-date. Our antimalware engine is designed to work in concert with these Microsoft security features to create a comprehensive security strategy. Microsoft focuses its protection efforts on what affects our customers, using real-world data collected from more than 600 million systems worldwide. We weigh these samples by severity and prevalence of malware in the wild.

He added that more information on Microsoft's "customer-based prioritization process" is available here.

AV-Test.org CEO Andreas Marx wrote in an e-mail to CNET that the problem facing many security suites is the modern nature of viruses. "[E]very two seconds we see three new malware samples, which [add] up to a few million samples per month. Instead of looking at millions of samples, our focus is on the unique families. Out of every family, we select recent samples in order to use them in our tests. So the impact of these samples is indeed low, however, the impact of the malware family is considerably high. We favor the family-based approach over the sample-based one because of today's malware situation," he said.

Microsoft missed certification by a full point on the current test, worse than the previous failure when the company missed certification by half a point. Meanwhile, AhnLab notched its third failure in the past year, although none of them were consecutive.

PC Tools' poor showing this time around was its first in the past 12 months.

Marx's e-mail announcing AV-Test's results stated that the lab found that an average of 92 percent of the zero-day attacks were blocked. "This means one out of ten malware attacks succeeded," he wrote. He added that the products were able to clean 91 percent of the infected systems, but that "only 60 percent" could be returned to a "pre-infection state."

While relatively few people are using AhnLabs' ineffective security suite, the same can't be said for Microsoft Security Essentials. If you are using MSE, I recommend uninstalling it and going with any other security suite. Free suites that received good ratings from CNET this past year are Avast, AVG, and Panda Cloud Antivirus.

In the test that Microsoft just failed, Avast and AVG Free scored 14 out of 18, while Panda hit 13 out of 18. The best-scoring product was the paid license Bitdefender Internet Security 2013, which notched 16.5. Other top scores that bested the free suites came from F-Secure Internet Security 2013, Kaspersky Internet Security 2013, Norton Internet Security 2013, and Trend Micro Titanium Maximum Security 2013.