Microsoft has committed to improving its Security Essentials and Forefront Endpoint Protection software packages, following the release of a second independent test that saw the company's anti-malware suites miss out on a passing grade.
Responding to the latest AV-TEST
results, in which Security Essentials and its enterprise-grade equivalent missed out on certification for the second time, Microsoft's Joe Blackbird
promised that the company would try to do better - but claimed that the test was possibly a little unfair.
'AV-TEST's test results indicate that our products detected 72 percent of all "0-day malware" using a sample size of 100 pieces of malware. We know from telemetry from hundreds of millions of systems around the world that 99.997 percent of our customers hit with any 0-day did not encounter the malware samples tested in this test,
' Blackbird claims, pointing to AV-TEST skewing results by using malware samples which are not present in the wild in any quantity as one reason for his software's poor showing. 'AV-TEST's test results [also] indicate that our products missed 9 percent of "recent malware" using a sample size of 216,000 pieces of malware. We know from telemetry that 94 percent of these missed malware samples were never encountered by any of our customers. When we explicitly looked for these files, we could not find them on our customers' machines.
Aside from the use of uncommon malware samples, Blackbird also took exception to how AV-TEST weights it scores. 'AV-TEST reports on samples hit/missed by category. We report - and prioritize our work - based on customer impact.
' Despite this, Blackbird has promised that Microsoft will try to do better. 'We continually evaluate and look at ways to improve our processes. We know from feedback from customers that industry testing is valuable, and their tests do help us improve.
'We're committed to reducing our 0.0033 percent margin to zero,
' Blackbird concludes - somewhat sneakily reducing the 28 per cent of 0-day malware and 9 per cent of recent malware missed by Microsoft Security Essentials in AV-TEST's testing using figures received from customer telemetry, and reaching a much less scary figure.