Half of antivirus software fails lab tests
By Stuart Turton
Posted on 4 Dec 2007 at 16:25
Virus Bulletin, an independent certification body, has revealed that 17 out of the 32 antivirus products it tested in its latest survey failed to pass certification.
Virus Bulletin runs its VB100 study every two months, pitting a range of antivirus products against a range of viruses selected from the WildList, a publicly available list of viruses currently doing the rounds on the internet.
In order for an antivirus suite to pass certification it must detect every one of the viruses thrown at it, without throwing up any false positives, a stringent test failed by a number of major names including Trend Micro, Kaspersky and Sophos. According to the company, they were all caught out by an old threat making a reappearance.
"The main thing was the very nasty polymorphic virus," says John Hawes, a Technical Consultant with Virus Bulletin. "It's something that used to be very popular but we haven't seen for a few years now. I don't really know why it's coming back, though it's been quite popular in China because of the big file-sharing networks popping up."
Polymorphic code mutates while keeping the original algorithm intact, and has been used to create self-morphing viruses and Trojans which mutate at the server side before delivery in an attempt to avoid detection by security software.
Hawes said this was something the industry as a whole needed to keep an eye on.
"These days, virus writers aren't just kids in their bedrooms, they're professionals out to make money, so this technology is very sophisticated and it's something the big AV labs need to keep an eye on."
"It was a shock and a concern to see such a poor performance from so many products in this latest round of testing. It is particularly disappointing to see so many major products missing significant real-world threats," says Hawes.
"In these days of hourly updates computer users really ought to be able to rely on their chosen security vendors for full protection against known threats."
The VB100 is run on a different operating system each time, and this test was conducted on Windows 2000 which Virus Bulletin describes as "still being the operating system of choice in many homes and businesses."
From around the web
advertisement
- Laptop bag reviews: nine tested
- Sony VAIO T Series Ultrabook review: first look
- Revealed: the military standards and robots HP uses to test its laptops
- Windows 8: multi-monitors and double standards?
- Why is TalkTalk's year-old porn filter suddenly big news?
- Why are laptop screens so far behind mobiles?
- HP EliteBook Folio review: first look
- The shoebox-sized all-in-one printer
- Forget the Ultrabook: here comes the HP Sleekbook
- HP Spectre XT review: first look
- Why you have to be left in the dark on OS patches
- Publishing your email address isn't a security disaster
- Why antivirus is fighting a losing battle in your office
- Four year olds used to steal their parents' data
- An acceptable use policy for your kids
- Paying for your crimes with Bitcoin
- Pavement hacking: What it is and how to avoid it
- Google's risky pre-loaded pages
- Mac under attack: how secure is Apple's OS?
- Has your browser been hijacked?
advertisement
