Microsoft Recommends 3rd Party Anti-Viruses

An article on howtogeek.com has caught my attention. So I thought I would do up a blog about it to summarize the article itself.

 

Microsoft recently released a statement about their Microsoft Security Essentials anti-virus; they are now saying to use a third party anti-virus. I will admit, I used it in the past. You may see on the Microsoft Security Essentials web page that it still states that it offers “comprehensive malware protection”; Microsoft has yet to change that. They aren't effectively communicating well there.

 

Back in 2009 MSE was up there among the ranks of other anti-viruses and malware protection according to AV-Comparatives.org. Like I mentioned earlier, I used it a while ago and honestly thought it was a very good all around anti-virus. Now it isn't. Now MSE is in the bottom slot on the AV-TEST as of right now.

 

Microsoft later argued “The tests were not representative of the real world,” and they also claimed that their main focus was to stop the real world threats. Another factor that Microsoft argues: “that avoiding false positives is an important goal.” I do happen to agree with Microsoft there; there are a lot of anti-viruses out there that do have false positives. I speak no more on that.

 

Overall Microsoft has given up on this particular matter. Microsoft now recommends that users should use a third party anti-virus program. Here is the rest of this article.

There's no need for anti-viruses in the first place.

 

Microsoft Security Essentials is trash and always has been trash.

Been using MSE for a while without knowing this. Whoops.

Um, anybody got a good anti-virus to recommend?

I use Avast, very lightweight and powerful at the same time.

Yeah, I just installed that one. Gonna reboot and get rid of MSE now.

Thanks for the tip mate, and thanks to OP for making this thread before my ageing machine got the Russian hammer and sickle.exe treatment.

So long as you know what you're doing, I agree.  I have recently been giving this a try...

It works well.  Haven't had any problems so far.  I keep a malware cleaner on hand just in case though.

 

What if that's just because it comes with Windows 8 included? People complained about MS pushing internet explorer on them and there were lawsuits about that and all that jazz, what if the same is happening with the AV? Perhaps MSE/Windows Defender is still good, but MS just "has to" suggest using 3rd party AV's, otherwise it's considered that they're using their monopoly once again and people cry over that. Just a theory/guess of course...
I'm still going to use Windows Defender, I fell in love with MSE since the first install. It might not catch everything, but combined with common sense, it's pretty secure for my needs. 

Depends on the user.

For the trained eye, in 90% of situations, you're right. But it is important to have something for that extra 10%.

 

I've found AV comparatives completely useless. Here is why.

First, they never publish exactly how they compare them. Sometimes they will say something like "we tested against X samples" but they never publish those samples.

There was a discussion on this a while ago on one of the other forums I frequent and they made several interesting discoveries. They found a listing of the "samples" that were used to test in at least one case.

This was where the concerns started to mount. Most of the samples were research-only or over 20 years old - we're talking about the Michelangelo virus, Stoned, etc. - DOS viruses that would never affect a Windows PC at all to begin with. These are POINTLESS tests. At the time Norton was the only AV actually detecting these things, but the thing is, the detection is pointless because they are not infectious. The only reason Norton was detecting these things was because it gave them a boost in the rankings because the other AV software didn't bother detecting malware that was over 30 years old and would never be in the wild to begin with, let alone be infectious on Windows systems.

Another thing is the old standby that these AV tests really only test the extensiveness of their database for existing threats.

You don't necessarily want an AV to protect yourself against known threats. You want it to protect you against new ones. Do you really need a malware scanner to protect you against 30 year old malware? No, of course not. You will never encounter them and even if you did they wouldn't work or infect a modern system. Another problem is that most of the "comparatives" call themselves "scientific" and yet they don't provide the steps required to reproduce the results, meaning they are, IMO, completely useless anyway. This is probably done because the "collect these 5000 samples of 30 year old malware that has no modern relevance" step might make people wonder. Today you don't need an AV to protect you against 30-year old malware that couldn't infect you if you tried, so why is that used as a basis to compare them?


EVERY SINGLE AV can be bypassed by malware quite easily. This is nothing new with MSE, and even most sites' recommended replacements (AVG, Avast) have had this problem for years now.

Norton is terrible.
Kaspersky is terrible.
McAfee is terrible.
Trend Micro is terrible.
Webroot is terrible.
AVG is terrible.
Avast is terrible but slightly less so.
ESET is terrible but slightly less so.
MBAM is terrible but slightly less so.
MSE is terrible but slightly less so.
Panda is terrible but slightly less so.
Bit Defender is terrible but slightly less so.

ALL OF THEM have the same issues. Those issues are:

  • Blacklists suck and are ineffective.
  • Their "behavioral analysis" of programs is broken and flawed in every conceivable way.
  • Requiring definition updates means the definition checks are easy to block by malware, where an AV can say it is "working fine, even though definitions are out of date" because it assumes you are in offline mode.
  • Because of these, deactivating the majority (if not all) of malware protection is completely trivial.
  • Because nearly all malware infections are from the end user (and the end user giving admin rights to the program), the AV can literally do nothing about it, making even just having the program running useless.
  • Their "scans" are hilariously broken and easily spoofed, as all they do is reverse-hash checks and filename checks against a blacklist.


There are no "good" AVs because an AV cannot protect the end user from their own stupidity, which is where 99% of malware comes from.

So use your brain and keep MSE/Avast as a backup.

The point is, it doesn't matter whether you have an anti-virus or not because detection rates are way below 100%. I'd say even below 50%. Either you don't get any viruses at all, or you get them no matter how much malware protection you have. For cases where you actually get malware, it's more efficient to have backups.

Those 10% didn't happen to me even once. Although it was funny when on a school computer I extracted a Skype virus onto my desktop with 7-Zip and F-Secure didn't react in any way. And then I scanned the .exe file and it still didn't detect anything. I wonder how much money the IT department spends on this POS considering that my university has thousands of workstations in 15 campuses.

I pretty much agree with Kruziik_Kel, common sense is your most powerful tool and your anti-virus coming in at second. The real question is are there any decent reliable malware removers out there. As in software dedicated to safeguarding your PC from malware, so not an AV. Admittedly I use Avast and Waterfox now, with plug-ins like script-blockers and https encrypted and a few others. But it's sometimes not enough. So yeah, good malware programs?

Avast and MBAM are a good combo. Avast doesn't get everything. That's where MBAM comes in.