MSE Missed 100% Of Malware In This Test

Symantec is the biggest, but it seems that it isnt making much money as before.

Kaspersky for example is ranked in fifth position in global corporate market, but seems more lucrative than Symantec.

See this:

http://www.forbes.com/sites/maggiem...splitting-into-two-publicly-traded-companies/

It isnt coincidence that Symantec is splliting in two ...

 

Here is one list. OPSWAT, Jan 2014
And, OPSWAT has collection limitations for their data.

16.3% Microsoft Security Essentials
13.2% avast! Free Antivirus
6.2% Windows Defender
5.0% Avira Free Antivirus
4.8% AVG Anti-Virus Free Edition
4.6% ESET Smart Security
4.2% Malwarebytes Anti-Malware Pro
3.3% AVG Internet Security
3.3% Kaspersky Internet Security
3.1% Norton Internet Security
2.8% ESET NOD32 Antivirus
2.7% COMODO Antivirus
2.5% McAfee VirusScan
2.3% Norton 360
2.2% avast! Internet Security
1.9% Symantec Endpoint Protection
21.7% Other

https://www.opswat.com/resources/reports/antivirus-january-2014

 

Since there appears to still be MSE aficionados here, I would advise reading this article: http://www.howtogeek.com/173291/goo...w-recommends-you-use-a-third-party-antivirus/ . If you want to use it as a secondary scanner - great. If you have other real time protection other than MSE including sandboxing or running in a VM - great. If you do an image backup once a day - great. If your expert at removing malware infections - great. Otherwise, don't use the product as your primary real time defense.

 

I think that Microsoft doesnt want to compete with third party security vendors, so they made MSE just a baseline antivirus.

Microsoft has the resources to make a powerful and light antivirus, but doesnt want to.

With so many good free offerings, MSE wont be missed.

 

Interesting. Strangely, Chrome or one of my security measures does not allow Forbes.com to operate correctly. I had to go to IE to open the site. Now I need to figure out why that site will not work in my primary browser..

And... according to Gartner:

Symantec remains the market share leader in EPP, and is a good choice for solid anti-malware endpoint protection.

McAfee, a wholly owned subsidiary of Intel, holds the second-largest EPP market share worldwide, and offers a broad portfolio of information security solutions.

Trend Micro is the third-largest enterprise endpoint protection vendor, with a large worldwide installed base focused on the Asia/Pacific region and EMEA.

http://blogs.antivirussales.ca/en/blog/gartner-magic-quadrant-for-endpoint-protection-platforms/

 

Thanks for the link Frank, amazing analyse of the market.

 

https://www.wilderssecurity.com/threads/mse-4.322765/page-34#post-2427277

 

I'm as good as MSE. I bet I can stand in front of a randomly-infected PC and miss 100% of them, too. But wait! I might guess one or two!

 

True.. Also I agree - earlier 12x = very problematic.

 

ESET ........ always wins.

=
How Reliable and Accurate is this?
&
Of course, these are not not real-world tests
&
We all understand that this test is just one data point.
------------------------------------------

Say it again.

The OPSWAT Market Share report is misleading.........
https://www.wilderssecurity.com/thre...hare-report-january-2014.359339/#post-2334996[/QUOTE][/QUOTE]

 

'Microsoft is doing a disservice to its users by telling antivirus testing companies that they don’t recommend MSE for average users and telling average users that MSE provides them with “comprehensive malware protection” on their website. Microsoft needs to pick one message and stick to it.' ~ op cit

I've been saying this about MS for some time now. They are being a bit ambiguous at best. Of the four computers I currently run, only one has Windows as an OS. I've actually installed (freeware) Panda on my x86 notebook replacing MSE in the past (it now runs Ubuntu) principally because it was lighter, but also for better protection. I've done this for non-tech savvy relatives originally running MSE also. I like Panda, but there is the BSOD bug that can only be alleviated by disabling the Process Monitor on the Panda GUI. I got that info directly from their forums and they are working on it. I'll soldier on with MSE and on-demand scanners combined with browser hardening for the meantime. I think MSE can be OK if you just use a bit of common sense and take basic precautions. The fact that it is simple, has virtually no false-positives, and doesn't either bug me or shag with other apps keeps me using it. For now.

 

MSE stopped being good within 12 months of them purchasing Reliable Antivirus (RAV) which was a good product, with a good team. After they fired the team, and disbanded the lab, it's been nothing but downhill from there. I cannot believe anyone would willingly install it. In fact I use Defender Uninstaller to totally remove it from PC's.

I'd rather have nothing than MSE.

 

I'd rather have MSE than nothing.

 

I would recommend you add another on-demand scanner like Emsisoft Emergency Kit since MSE and SAS aren't well known for their detections.

 

IMHO that's just more to give false-positives. I'll be OK with what I've got, I've been fine for four years. I know MSE's realtime detection is virtually non-existent these days (supposedly) but I employ some browser hardening and common sense. Plus, I'm on Linux at least 50% of the time online (like now). The rest of the time I'm in Android as much as Win 7. Soon I'll be adding Mac to that.

 

In all honestly, if you know how to avoid getting infected, it is extremely hard to get infected. In which case, the fact that detection rates of MSE are sub par, doesn't matter too much. I'm sure in your case MSE probably is detecting few if any infections, because you know how to not get infected in the first place.

 

MSE being good and free is a disaster to third-party security software vendors.

From some threads I've read in another forum, Microsoft security products have some advanced technologies, but poor in virus definations.

 

Well, I try to be careful. As I type this they do appear as famous last words though ... . I run regular scans with all of my anti virus/malware apps and in four years they have only ever discovered tracking cookies on my Win 7 machine.

 

That old logic doesn't work in these modern times with Tt's and APT's, as well as a plethora of exploits, and Malvertising that can completely bypass security. I don't care how much you think you 'know', if you hit a site with embedded malware or malvertising, or script exploits, you are going to get infected if you don't have proper systems in place. MSE is an inadequate solution for anyone this point - tech savvy or otherwise.

 

I would be interested in knowing whether Av-Comparatives will continue
publishing their semi-annual telemetry reports on MSE which show
Microsoft is actually doing a good job protecting their customers.

 

Don't know which reports you're referencing? Here is MSE's ranking in the latest of the following tests:

Real world - 83.5% - last place
File detection - 90.2% - last place
Heuristics/behavior blocking - 75% - eighth place out of thirteen vendors - note: this test was for 1st quarter 2014.

 

Microsoft prevalence based analysis under single product reviews/tests.

 

Can't agree more.

For exploits alone, the old axioms of 'surf-smart' and 'avoid problems' does not work in some instances.

You can get whacked from legit websites.... even sites that you have gone to for years.

For some exploits, you don't have to click on anything.

See my post in the G-Data thread on Exploits for more info.

 

OK. Got it and copied and highlighted relevant portions. My interpretation of this. Microsoft paid A-V Comparatives to reanalyze their test data using parameters supplied by Microsoft to make the result more favorable to their product. Total rubbish as substantiated by other AV lab tests that also have ranked MSE at the bottom of the heap:

Microsoft’s initiative uses its global telemetry data (malware prevalence) to consider the customer

impact posed by missed detections. That is, the malware files that antimalware products failed to

detect are weighted based on malware-family prevalence, and each vendor’s prevalence-weighted

results are reported along with the file-detection results in this report. These results are designed to

give greater insight into the customer impact of the missed detections during testing. In addition to

global prevalence weighting impact, geo-location prevalence is also used to determine the customer

impact of missed detections in specific countries for products tested. This is used to present the file detection

efficacy of antimalware products in the test against prevalent malware samples.

This report is supplementary to AV-Comparatives’ main report1, already published, of the March 2014

File-Detection Test. No additional testing has been performed; rather, the existing test results have

been re-analysed from a different perspective, to consider what impact the missed samples are likely

to have on customers. It is conceivable that a product with a lower score in the test may actually

protect the average user better than one with a higher score, under specific circumstances. Let us

imagine that Product A detects 99% of malware samples in the test, but that the 1% of samples not

detected are very widespread, and that the average user is quite likely to encounter them. Product B,

on the other hand, only detects 98% of samples, but the samples missed are either not as prevalent,

or only run on a specific operating system. In this case, users would probably be more at risk using

Product A, as it misses more of the malware that is likely to present a threat to them.

AV-Comparatives has for many years focused on using prevalent samples in its tests, as mentioned in

our reports and also in a Microsoft blog2. Furthermore, same sample variants (e.g. polymorphic
malware) are clustered to avoid a disproportional test-set3. AV-Comparatives makes uses of telemetry

data from various sources, not just Microsoft, as the test-set must remain independent and not based

solely on data provided by one specific vendor or organisation. Therefore, minor discrepancies

between one vendor’s data and our independently sorted combination are possible. The original File-

Detection Test in March 2014 used a malware set sorted using various telemetry sources; however, the

analysis in this supplementary report is based solely on Microsoft’s data.