June 24, 2009, 12:12 PM — Microsoft's free security software passed a preliminary antivirus exam with flying colors, an independent testing company said today.
AV-Test GmbH tested Windows Security Essentials, the free software Microsoft launched yesterday in beta, on Windows XP, Vista and Windows 7, putting it up against nearly 3,200 common viruses, bot Trojans and worms, said Andreas Marx, one of the firm's two managers. The malware was culled from the most recent WildList, a list of threats actually actively attacking computers.
"All files were properly detected and treated by the product," said Marx in an e-mail. "That's good, as several other [antivirus] scanners are still not able to detect and kill all of these critters yet."
AV-Test also measured Security Essentials against a set of in-house false positives to see whether the software mistakenly fingers legitimate files, a nightmare for users, who can be left with a crippled computer, and a disaster to the reputation of a security company.
"None of the clean files were flagged as being malicious," noted Marx. "Very good."
AV-Test also examined the program's anti-rootkit skills and its ability to scrub a system of malware it finds with a limited number of samples and "found no reasons to complain," Marx said. "[Security Essentials] is able to remove found malware very well, but further tests against larger sets of samples are required before we can come to a final conclusion."
Marx put to rest the once-rampant rumor that Security Essentials would operate "in-the-cloud" by scanning PCs from Microsoft's servers. "The scanner works with the locally-installed anti-virus and anti-spyware databases -- it doesn't appear to use 'in-the-cloud scanning' methods," he said.
AV-Test's results will disappoint some rivals in the security market, who yesterday knocked Microsoft's effort. "It just doesn't give you the protection that you need," argued J.R. Smith, the CEO of AVG Technologies, a company best-known for its free antivirus software. "People aren't worried about antivirus anymore. Most of it is just noise. [Security Essentials] will help, especially in emerging markets. But it's centered around viruses, which the bad guys aren't really pushing anymore."
Instead, cyber criminals increasingly rely on compromised Web sites to hit incoming PCs with exploits against unpatched vulnerabilities, said Smith. AVG packages LinkScanner, software that scans a URL for signs of infection, with its paid products. A free version of LinkScanner can also be downloaded from the AVG site.
Another noted antivirus testing lab, AV-Comparabives.org, said it would formally test Security Essentials in August, and release its results the next month.
Microsoft posted the beta of Windows Security Essentials to its site yesterday, saying it would cap the downloads at 75,000, which it has reached. As of early Wednesday, the site stated: "We are not accepting additional participants at this time. Please check back at later a date for possible additional availability."
The new software, formerly known as "Morro," replaces Windows Live OneCare, the for-a-fee security package that Microsoft is tossing June 30.
Microsoft has not revealed a ship date for the software, but the program's end-user licensing agreement (EULA) notes that it expires Sept. 30 or when the program is released, whichever comes first.
It's likely that Microsoft will deliver Security Essentials before it ships Windows 7, which is slated to debut Oct. 22.
