SYMANTEC AND 11 OTHER FAILS VIRUS BULLETINTEST AUGUST 2009

Sunday, August 16, 2009

Virus Bulletin (VB) conducted its latest test in July, posting the results this month. The security research company evaluated 35 anti-malware products for the 32-bit version of Windows Vista SP2 Business. The basic requirements for a product passing the test is detecting, both on demand and on access, in its default settings, all malware known to be "In the Wild" at the time of the review, and not detecting any false positives when scanning a set of clean files. The products were pitted against about 3,000 unique samples of malware that fall into four categories: WildList viruses, Worms and bots, Polymorphic viruses, and Trojans.

A third of the products did not manage to meet these requirements: 23 products passed the test, leaving 12 products to fail. Here are the ones that failed, as well as the reason for not passing:

FAILED ANTIVIRUS LIST:

  1. Agnitum Outpost Security Suite Pro (one false positive),
  2. CA Internet Security Suite (960 polymorphic viruses misses),
  3. Filseclab Twister AntiTrojanVirus (2612 wildlist misses, 38 false positives),
  4. Finport Simple Anti-Virus (2897 wildlist misses, two false positives),
  5. K7 Total Security Desktop (one false positive),
  6. Kingsoft Internet Security 2009 Standard (228 wildlist misses),
  7. PC Tools AntiVirus 2009 (1188 wildlist misses, one false positive),
  8. PC Tools Internet Security 2009 (1355 wildlist misses, one false positive),
  9. PC Tools Spyware Doctor (1355 wildlist misses, one false positive),
  10. Rising Internet Security 2009 (43 wildlist misses, one false positive),
  11. Symantec Endpoint Protection (two wildlist misses), and
  12. VirusBuster Professional (one false positive).

An interesting thing to note in this test is Kingsoft's results: the Standard version failed the test while the Advanced version of the company's product passed. PC Tools, on the other hand, saw all three of its products bomb. Symantec's failure is particularly unacceptable as the security giant is often talked up as the top dog in the market. Microsoft's success with its Forefront product is promising not only for business users, but for consumers as well, given that the upcoming Microsoft Security Essentials product is closely tied to it.

The next VB test results will be posted two months from now and will be for Windows Server 2008, though actual testing will be conducted in September.

Update:

"In the past ten years, Symantec has earned 44 consecutive VB100 awards, something no other vendor has come close to matching," a Symantec spokesperson told Ars. "In the August edition of Virus Bulletin, Symantec did not receive the VB100 award certification due to missing an extremely rare replicant of a highly polymorphic file infecting virus in the VB lab test. We have received no reports related to this issue from any customers. This has been fixed in our signatures for all customers."

0 comments:

Bookmark and Share

ARCHIVE