Here’s an interesting story from June 16 on the SPAMfighter.com Website, based on recently-released research work from leading antispyware firm Webroot. It’s entitled “Vista Low on Malware Detection” and makes some pretty interesting points:
- The OS demonstrates only limited built-in malware blocking capabilities: it cannot block 84% of common malware elements, including some of the most common and well-known malware and spyware versions.
- Some malicious code was able to install at administrative privilege level, execute code, and use a keylogger, but Windows Defender could neither detect nor stymie its installation or run-time activities.
- Signature updates for malware were also observed to be “extremely slow” on Windows Vista.
What’s the point? Try this quote on for size: “…security experts…cautioned users that the default malware blocking software as well as the anti-virus programs of Microsoft may fail to provide them comprehensive protection…” Duh!?
When it comes to news like this, I’d like for them to tell me more about what they learned in doing their analysis, and how other threat prevention mechanisms fared as well. Everybody knows that additional protection is necessary for Windows PCs active on the Internet, and most corporate security policies require specific and more powerful antimalware coverage anyway. What would have been more interesting and potentially useful would have been a comparison of effectiveness for leading antispyware programs (including Webroot’s own Spyware Sweeper, PC Tools Spyware Doctor, and so forth and so on), as well as speed comparisons for signature updates and scanning for XP, Vista, and Windows 7.
I’m hoping more and more of that detailed information becomes available as Windows 7 heads for commercial release in October. And gosh, would I ever love it if somebody stepped up to fund an organization like Virus Bulletin for the anti-spyware community. There may never be an AntiSpyware 100 (AS100) like the VB100 if what I know about spyware remains true — and things show no signs of changing in this regard — but it would be nice to have AS80-plus or AS90-plus ratings to help separate the merely adequate antispyware packages from the real star performers. To me, that would be some real news!