Vulnerability Alerts
SANS
 
Microsoft
 
CERT/CC
 
 
 
Latest Comments
"Good! Its very good blog the for the people who are having debit collection and credit report ..."
on Fake Microsoft anti-spyware site stealing credit card info
by identity theft lawyers | Jul 4, 2009 6:55 PM
 
"nothing"
on Ads on Facebook serving up adware
by UMAIR | Jul 4, 2009 5:54 PM
 
"Thank you "
on Search engine promises completely private surfing
by Dr. Holub | Jul 4, 2009 11:17 AM
 
"Agree that wireless hotspots are an easy way for hackers to gather information from connected ..."
on New devices make hotspots a hacker's paradise
by Patrick Hooper | Jul 3, 2009 4:06 AM
 
"Katarzyna what has this got to do with Symantec?? "
on Mobile phone directory service faces consumer uproar
by PaulC | Jul 2, 2009 12:55 PM
Malware

Security firms fail on Windows Server

  • Email a Friend
  • Print Page
Related Articles
By Shaun Nichols
Oct 2, 2008 10:02 AM | 1 Comment
Tags: VB100 | test | Windows | Server | firms | fail
Some of the biggest names in the security industry have failed the latest Virus Bulletin VB100 test.
Some of the biggest names in the security industry have failed the latest Virus Bulletin VB100 test.

The test examined 100 pieces of malware collected from active samples and put them up against a number of major security suites for Windows Server 2008.

Of the 24 products pitted against the test, 16 passed, while 8 fell short due to missed malware samples or false positive returns.

Most of the major vendors, such as McAfee, Symantec, Microsoft and Sophos were able to pass the test. However, several others, including F-Secure, Kaspersky and Computer Associates, saw their security offerings fall short of the certification.

Other firms failing the test included Redstone, Avira, Microworld, Quick Heal and ArcaBit, whose ArcaVir product missed 93 wildlist samples and returned 3 false positives.

In order to pass the test and receive a VB100 certification, a product must be able to identify all 100 pieces of malware without returning any false positives for uninfected files.

CA's eTrust software missed one item from the malware list, while F-Secure and Kaspersky antivirus products each returned one false positive result.

Conspicuously absent from the latest VB test was Trend Micro. The company pulled out of the tests following a failure in April.

Critics of the VB100 test say that the testing system is antiquated and relies too heavily on signature-based testing, which checks for known malware samples, rather than more recently-developed heuristics, or behavior-based, checking methods that can catch new or unknown malware.

Copyright © 2009 vnunet.com

 
Ads by Google
Thoughts on this article? Add a comment below.
Comments: 1
It does not matter whether the test relies on signature-based testing instead of heuristics, or behavior-based checking methods, the issue is whether it can detect the malware or not. It means nothing if it does not work properly or not work at all. Tony
SC Magazine - comments icon Posted by TonyOct 3, 2008 8:47 AM
Report this comment as offensive:

   * Indicates information we require to process your submission.

Name: *
Email: *
Reason for offense: *
Your report will not be displayed.  
Name:
*
 
Email:
(will not be displayed)
*
 
Comment:
(HTML not permitted)
*
 
Validation
*

Enter the code you see below:

 

 
 
 
 
 
Exclusive Data Centre - Sponsored Content by Microsoft
 
Vulnerabilities & Exploits Whitepapers
 
Popular Tags
available botnet candidate executives features firms ftp infected islands microsoft patches release security server test tuesday updates vulnerability windows wsus