Windows Defender fails in new malware test
- 20 February, 2007 15:07
Windows Defender has been slated in a new test that found it could detect barely half of the malware thrown at it during the last year.
According to Australian testing company Enex Testlab, in full scanning mode the anti-malware scanner could only pick up 53.3 percent of an unspecified list of malware threats thrown at it during 2006, with the quick scan scoring a detection rate of under half. This contrasted with the superior scores achieved by a number of other anti-malware software, including a top score for PC Tools Spyware Doctor.
Critics will point out that the test was paid for by PC Tools itself, which offers an easy way for Microsoft to attack the results. The program has also spent 2006 in an unfinished state and was only released for XP in October of 2006, which one might think would make criticism of it misleading and unfair.
Equally, there is some evidence that the software might not be the best on the market. A test by another rival security company, Webroot, found Windows defender to be even less effective in spotting spyware and potentially unwanted programs (PUPs) when pitted against a sample list of 25 threats. It missed 84 percent of them.
"We wanted to prove through an independent and unbiased review -- where PC Tools did not choose or supply the sample-set, that Vista's anti-spyware protection is in fact inadequate, and could result in a false sense of security to consumers," said PC Tools CEO Simon Clausen.
Clausen also criticized the Webroot test, accusing it of being unhelpfully selective. "While we agree with the overriding conclusion that Vista security is lacking, this approach fundamentally contradicts the laws of statistical analysis, and clearly creates a bias result. By hand-picking the sample-set, it is easy to return results showing whatever you want. It would even be possible to show Vista had zero percent blocking ability," he said.
PC Tools achieved a full scan detection rate of 88.7 percent in the Enex Testlab tests, which some might point out is good but far from foolproof. Comparing oneself with the least developed product on the market looks a bit complacent in this light.
The origins of Windows Defender lie with a product the company acquired in 2004 when it bought anti-spyware company Giant Software in contentious circumstances. The product was known as Windows Anti-Spyware until the 2005 RSA conference after which it was reborn as Defender. The software is available for all versions of Windows, including Vista, and excluding Windows 2000.