MS gaining fast in AV-Comparatives tests

Posted by   Virus Bulletin on   Sep 3, 2007

Detection rates up 7% in six months, more improvement predicted.

AV-Comparatives have released the results of their latest test of detection rates, pitting 17 scanners already known to perform well against their huge collection of malware. The most improvement over the previous run, which took place in February, was shown by Microsoft, whose score shot up by 7%.

The tests take the form of an on-demand scan over a testset of over 800,000 verified samples, including file and macro viruses, worms, trojans, backdoors and other malware, using 'best possible' settings. Multi-engine product AEC Trustport (which combines detection technologies from Norman, BitDefender and AVG) topped the tables with over 99.64%, with Avira's AntiVir in second place and another multi-engine scanner, GDATA's AVK, in third - both scored over 99%. Symantec and Kaspersky round out the top five, both spotting over 98% of all samples.

Microsoft's scanning engine, used in the OneCare home-user product and the Forefront corporate range, fared poorly in the previous test, failing to achieve the 85% required for participation in the tests. However, recent efforts, including an ongoing recruitment programme hiring experts from around the world, continue to pay off for Microsoft as the latest figures show a 7% improvement in detection in the last six months. A score of 90.7% puts the product in 15th place out of the 17 competitors, but qualifies for AV-Comparatives's 'Standard' certification.

'Microsoft's detection rates are improving fast, and they look likely to make it to the 'Advanced' level in time for next year's tests', said Andreas Clementi, who runs the AV-Comparatives testing. 'Having now reached the highly-respectable 'Standard' level, as well as passing Virus Bulletin's VB100 certification, Microsoft are proving to be an increasingly strong competitor for the other AV vendors to take on.'

Also attaining the 'Standard' level were products from Dr.Web, F-Prot, Fortinet (whose heuristics were deactivated at their request, to reduce false positives), and Norman. McAfee and Alwil's avast! reached the 'Advanced' level, while AVG, ESET's Nod32, F-Secure, eScan and BitDefender qualified for AV-Comparatives' highest accolade, 'Advanced+', alongside the top five.

The same set of products will return to the test bench in November for retrospective and false-positive tests. Full details of the latest test results, and testing methodologies, can be found on the AV-Comparatives site, here. As with all test scores, readers are advised not to base any purchasing decisions on the outcome of a single comparative, but to compare results across a range of tests, as well as taking other factors such as usability, features, support and pricing into consideration.

Posted on 03 September 2007 by Virus Bulletin

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VB2018 paper: Lazarus Group: a mahjong game played with different sets of tiles

The Lazarus Group, generally linked to the North Korean government, is one of the most notorious threat groups seen in recent years. At VB2018 ESET researchers Peter Kálnai and Michal Poslušný presented a paper looking at the group's various…

Book your VB2019 ticket now for a chance to win a ticket for BSides London

Virus Bulletin is proud to sponsor this year's BSides London conference, which will take place next week, and we have a number of tickets to give away.

First 11 partners of VB2019 announced

We are excited to announce the first 11 companies to partner with VB2019, whose support will help ensure a great event.

VB2018 paper: Fake News, Inc.

A former reporter by profession, Andrew Brandt's curiosity was piqued when he came across what appeared at first glance to be the website of a small-town newspaper based in Illinois, but under scrutiny, things didn’t add up. At VB2018 he presented a…

Paper: Alternative communication channel over NTP

In a new paper published today, independent researcher Nikolaos Tsapakis writes about the possibilities of malware using NTP as a covert communication channel and how to stop this.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.