Microsoft's security apps still trip up on Windows 8

German independent security firm AV-Test has released evaluations of security software for Windows 8 for the first time, and – not entirely surprisingly – it once again found Microsoft's own products were among the weaker performers. The firm tested its usual batch of 25 antivirus products for consumers, plus eight aimed at …

COMMENTS

This topic is closed for new posts.
  1. Wzrd1 Silver badge

    Microsoft proclaimed...

    Some ages ago, in IT terms of time, Microsoft proclaimed, there is no such thing as a ping of death.

    Shortly after, they couldn't keep a server online and had to go with a Slowlaris system for their FTP, claiming it was due to loading issues.

    When those went down, they eventually admitted to the ping of death.

    Fast forward past the Windows ME debacle to Win2k and its "bulletproof" security and the many, many, many, many, many, ad absurdum many's debacles.

    I'll not even go into 2003, autorun, tens of thousands of security issues and even more bugs.

    So, *why* is this considered news? Microsoft is the purest example of the Peter Principle that exists in the entire universe.

    1. adnim

      Re: Microsoft proclaimed...

      I would be surprised if any IT professional expected anything else.

      Windows is an evolution of an inherently insecure operating system. Despite MS claims of Vista being re-written from the ground up it was an evolution of XP. Windows 7 was Vista rebuilt to actually work and Windows 8 is Windows 7 with an added UI.

      It is a huge OS, millions of lines of code, I suspect much of it is legacy. I doubt there is much of Windows 3.1 left in there. I expect code from all previous versions beyond 3.1 is in there in varying amounts. If Windows was just an operating system perhaps it could have been made secure but it isn't just an operating system. It is a collection of many useful and useless utilities on top of an operating system.

      Microsoft's desire to be a dominant player in areas beyond operating systems... the Internet... Office productivity etc. and their desire to set closed standards in order to make everyone bend to their whim has produced the operating system we see today. I would guess that all new features have just been tagged onto legacy code and that legacy code modified to accommodate the additions.

      Anyone who trusts any operating system to be secure is somewhat naive. The same is true for Linux, that too has its fair share of security issues, although with a smaller footprint and more timely updates it isn't so much of an issue. Linux tends to be used by those with a clue whilst Windows is a consumer focused operating system. That fact alone is even more cause for Microsoft to produce something secure even if that security breaks ease of use of certain features.

      What should really be of concern is that Microsoft have now adapted that insecure Windows code base to run across a multitude of devices, will it be a case of one exploit to rule them all?

      1. Anonymous Coward
        Anonymous Coward

        Re: Microsoft proclaimed...

        @Adnim: You make proclamations about Windows being inherently insecure, but then suggest that NT series of Windows used code from the old 3.1..95..etc version of Windows. That kind of ruins any credibility you may have.

        1. danbi

          Re: Microsoft proclaimed...

          @Coward,

          Windows NT was originally derived from DEC's VMS. But that system was extremely foreign to anything Microsoft, and was in fact not able to run their desktop code. Microsoft eventually "improved" it, by removing most of NT's original security aspects and bolted back the "desktop" part, which is utterly insecure. The resulting "OS" is what we know since XP -- a complete mess, that "somehow works".

          With all the effort Microsoft spent on "fixing" it, they could have completely re-designed and rewritten the whole "OS" and made it just as secure as anybody else's. But they chose not to.

          Even their recent WinRT which was a good promise for something better, was "Microsoft-ised" by bolting back the win32 junk.

          Pathetic.

          1. Anonymous Coward
            Anonymous Coward

            Re: Microsoft proclaimed...

            @Danbi: You don't really seem to know much about Windows NT. It wasn't derived from VMS, it was designed by some of the people who designed VMS based around the same ideas. It was written from scratch, never shared any code with the other series of Windows OSes. Indeed it was designed on a different processor architecture to make sure of this. NT's security wasn't removed and re-added, it could always run Windows applications.

            Your knowledge of Windows: Pathetic.

            1. Anonymous Coward
              Anonymous Coward

              Re: Microsoft proclaimed...

              WTF does generic Microsoft-bashing have to do with those low credibility reviews of anti-virus software?

      2. Chris Miller
        Boffin

        @adnim

        Please provide an example of what you would consider an 'inherently secure' OS. For the sake of any small shreds of your professional reputation that may remain, I would suggest not using any words beginning with 'L' or 'U'.

        1. Robert Helpmann??
          Childcatcher

          Re: @adnim

          Please provide an example of what you would consider an 'inherently secure' OS.

          OK, I'll bite: one that does not allow a user to log on?

      3. El Andy

        Re: Microsoft proclaimed...

        @adnim "Despite MS claims of Vista being re-written from the ground up"

        Citation needed.

        1. Tim Bates
          Flame

          Re: Citation needed

          Google found me an article in The Wall Street Journal from 2005 referring to the idea they had thrown everything out and started again for Vista. Quotes someone from MS suggesting they'll never get it finished.

          Took me about 60 seconds to find that, so perhaps next time a bit of homework yourself before acting like a tool.

          1. adnim
            Thumb Up

            Re: Citation needed

            Thanks... I tend not to respond to those with the memory span of a goldfish or those without the wherewithal to do a moment's research. James Bond may have lived twice but I am pretty sure this time is my only time... No point in wasting it.

          2. El Andy
            FAIL

            Re: Citation needed

            @Tim Bates/adnim:

            You're referring to the Longhorn "reset", when the existing codebase was dumped and development re-started based on Windows Server 2003 SP1 (the original having been based on XP SP1). Vista was never, ever, a "complete rewrite".

    2. Anonymous Coward
      Anonymous Coward

      Re: Microsoft proclaimed...

      > Some ages ago, in IT terms of time, Microsoft proclaimed, there is no such thing as a ping of death.

      Some ages ago, in IT terms of time, Peter Norton proclaimed that computer viruses were an urban myth, like alligators living in the New York sewers.

  2. Anonymous Coward
    Thumb Up

    Malwarebytes

    If you aren't using Malwarebytes yet, you should be.

    1. Anonymous Coward
      Windows

      Re: Malwarebytes

      Agreed (although it's not the best bit of kit out there). Coupled with something like Sphinx,

      http://www.sphinx-soft.com/ (it's a bolt-on to the Windows firewall that alerts you whenever something tries to initiate an outbound connection.) Saved my bacon a few times....

      and current AV then you have a chance of stopping anything doing anything it should.

      It's a sad fact of life but fore-warned is fore-armed....

      1. Anonymous Coward
        Windows

        Re: Malwarebytes

        Ahem:

        "and current AV then you have a chance of stopping anything doing anything it should."

        to

        "and current AV then you have a chance of stopping anything doing anything it shouldn't".

        Apologies..

    2. jason 7
      Meh

      Re: Malwarebytes

      I stopped using that quite a while ago.

      Why?

      On scans it just wasn't finding anything on infected drives. I could then run other products and stuff would appear.

      Even when it did find stuff you could then do another scan with it and you would find more stuff it missed first time around.

      It really isn't that good a product. It may have been a couple of years ago but tactics and strategies change.

      Just be careful if that's all you are using. Oh and never use the infected machine to clean itself, that's a waste of time.

      1. Anonymous Coward
        Anonymous Coward

        Re: Malwarebytes

        >"It really isn't that good a product. It may have been a couple of years ago but tactics and strategies change."

        Try the new version - 1.70. Trust me, it's impressive.

        1. jason 7

          Re: Malwarebytes

          I shall give it another go!

  3. Sil

    It's enough protection for most people

    Windows Defender is enough for most 'standard' computer users. For the higher risk population Defender + Customized host file + peerblock = free win. For SMEs I had good experiences with an additional ISP antivirus gateway + Symantec Endpoint Protection on premises (interestingly enough as Symantec customer solutions only caused pain & misery, not that it was much better with McAfee).

  4. Anonymous Coward
    Anonymous Coward

    Malware samples don't represent customers?

    `Microsoft says [AV-Test] uses malware samples that "don't represent what our customers encounter."'

    What malware samples did AV-Test use on the tests?

    What effect did these malware samples have on the enduser systems?

    1. Anonymous Coward
      Anonymous Coward

      Re: Malware samples don't represent customers?

      > What malware samples did AV-Test use on the tests?

      You will never know --- it's not in AV-Test's best interests to admit that its "tests" are tainted by the use of unverified samples.

  5. Anonymous Coward
    Anonymous Coward

    Something is better than nothing

    And nothing is something a high number of home users have as protection. Better to educate them on AV with an easy to use product that comes from their OS vendor - so they can then learn more about it and install something better as they are better educated. I'm not talking about reg readers here - you're reading the reg so clearly you know a thing or two about computers.

    The problem for most home users is so much of the crapware out there they get exposed to is going to do more harm than good to their computers - how do they distinguish between the good and the bad? Good thing Apple have an AV product for their operating systems.. oh wait...

  6. jason 7
    Megaphone

    If you want proper Zero Day protection from Microsoft...

    ... then you need to install their Enhanced Mitigation Experience Toolkit. It's a separate application to the AV part.

    http://www.microsoft.com/en-us/download/details.aspx?id=29851

    Everyone seems to keep forgetting this but MS doesn't exactly promote it much. I guess one day they will integrate the two. Odd that a fairly crucial component is kept hidden.

    I've been using it for about a year and so far nothing bad has happened. I also install it on all my customers' machines. No bad reports so far. All very quiet in fact.

  7. jason 7
    Unhappy

    From what I see of malicious attacks...

    ...it's all ransomware/hijack stuff that's written on the hour by the crimegangs and pretty much none of the AV companies can defend against it because it's so new.

    Basically for most of the nasty stuff out there, it's so new, you may as well not bother with AV.

    I bet the samples that were used in this test were at least a week old and so not really a real world test in my experience.

    I've seen all of them beaten.

    1. Anonymous Coward
      Thumb Down

      Re: From what I see of malicious attacks...

      Your advice is reckless. That's exactly why products such as Comodo are so effective because its default is to deny any unknown automatically, or alternatively run in a sandbox.

      1. jason 7

        Re: From what I see of malicious attacks...

        In that case why isn't everyone using Comodo? Oh yes..it's no better or worse on average than any other AV solution.

        I'll say it again....they all get beat.

        As to my advice about not using AV, I would always recommend a user use some form of AV. However, real world experience shows if you are going to get hit, no matter what steps you take you'll get hit. It's luck of the draw.

        Plus often it's just quicker for the experienced user to rebuild/ghost their build back than spend hours scanning it for malware. Get hit, wipe and reinstall. So in theory for some users who understand the risks, AV might well be a waste of time.

        Choice is yours.

  8. I think so I am?
    FAIL

    AV company

    We're so good that we charge you for software that will miss just as many 0 days

  9. El Andy

    Company that makes money by recommending third party AV solutions, recommends third party AV solutions.

    In other news, water is wet, priests are catholic etc....

    1. jason 7
      Holmes

      Yes indeed.

      I've mentioned it before, I find it interesting that we now get a lot of articles slamming MSE/Defender now that it's a full part of Windows than when it was an optional extra (and folks raved about it). Could it be the other AV firms are a little concerned at this so a little mud flinging doesn't hurt?

    2. Anonymous Coward
      Anonymous Coward

      Who Pays Wins

      > Company that makes money by recommending third party AV solutions, recommends third party AV solutions.

      It's all about the money. Pay more and get a great review. Pay less and get shoved down the list.

    3. Anonymous Coward
      Anonymous Coward

      @El Andy: "In other news, water is wet, priests are catholic etc...."

      You forgot to include "AV test review third party recommendations are shills to promote the highest bidder." :)
