02 Oct 2008, Shaun Nichols, V3
Some of the biggest names in the security industry have failed the latest Virus Bulletin 100 test.
The test used 100 pieces of malware collected from active samples and put them up against a number of major security suites for Windows Server 2008.
Only 16 of the 24 products pitted against the test passed, while eight fell short owing to missed malware samples or false positive returns.
Most of the major vendors, including McAfee, Symantec, Microsoft and Sophos, were able to pass the test. However, several others, including F-Secure, Kaspersky and Computer Associates, fell short of the certification.
Other firms failing the test included Redstone, Avira, Microworld, Quick Heal and ArcaBit, whose ArcaVir product missed 93 samples and returned three false positives.
In order to pass the test and receive VB100 certification, a product must be able to identify all 100 pieces of malware without returning any false positives for uninfected files.
CA's eTrust software missed one item from the malware list, while F-Secure and Kaspersky each returned one false positive.
Conspicuously absent from the latest VB100 test was Trend Micro. The company pulled out of the tests following a failure in April.
Critics of the test suggest that the system is antiquated and relies too heavily on signature-based testing, which checks for known malware samples, rather than more recently-developed heuristic, or behaviour-based, methods that can catch new or unknown malware.
Do you agree?
Let the Spinning Begin
It has to be embarrassing to the larger companies that fail this test. The positive - the larger ones that failed essentially scored a 99 (as stated later in the article). The negative - if I'm not mistaken, all these companies know which samples will be used in the test, so why are they missing the one sample?
Demerits to one of the "security giants", Trend Micro, that pulled out of the test completely. Their rationale as to why would be interesting to know, in particular since the companies that pass this test tend to promote the fact aggressively.
Posted by craig kensek, 02 Oct 2008