|
Microsoft has vowed to improve two of its security products after both failed to pass an evaluation by a Germany security software testing organisation.
The company's Security Essentials and Forefront Endpoint Protection failed to earn a "certified" status in a latest round of testing by AV-Test to see how effective the products are against malicious software.
Security software companies have often contested the conditions under which their products are examined by testing organisations following a poor rating, frequently arguing that testing parameters are flawed.
Joe Blackbird, a program manager in Microsoft's Malware Protection Center, softly contested AV-Test's methodology, which involves running the software security against a range of malware.
Blackbird said that Microsoft prioritises how it provides protection based on the prevalence of threats. Many of the malware samples that AV-Test used were never encountered by millions of Microsoft systems, he said
In one example, Microsoft detected only 72 pieces of malware out of a sample of 100 pieces of zero-day malware, or attack code for which a detection signature has not been created yet.
But "we know from telemetry from hundreds of millions of systems around the world that 99.997% of our customers hit with any zero-day did not encounter the malware samples tested in this test," Blackbird said.
Microsoft did not detect about 9% of 216,000 pieces of "recent" malware in the AV-Test evaluation. But Blackbird wrote that 94% of missed samples were never encountered by the company's customers.
"When we explicitly looked for these files, we could not find them on our customers' machines," according to Blackbird. |
