Antivirus struggles on 64-bit Vista

Antivirus software for the 64-bit version of Windows Vista is struggling to properly protect the operating system, according to a new test by the Virus Bulletin security certification body.

Of the 20 antivirus products tested, 35 per cent failed to meet the test's criteria. Six of the failing grades were caused by so called false positives, legitimate files that are incorrectly flagged as malware.

Of the major vendors, McAfee Virusscan and Symantec Antivirus both passed the test, as did Microsoft's Forefront, Redmond's enterprise grade security suite that was released last May.

CA's eTrust application failed the test. The software comes with improper default settings that instruct the software to ignore many file formats. It therefore failed to detect many malware applications. Instead users have to apply the proper settings manually.

Trend Micro submitted three products for testing, all of which mistook a Microsoft development tool for malware.

"A false positive can cause as much disruption as a virus infection," John Hawes, technical consultant at Virus Bulletin, commented.

"False warnings often lead end-users to delete valid files in the belief that they are some form of attack and the resultant damage can be significant."

Traditional antivirus software doesn't function on 64-bit operating systems. The PatchGuard technology in Windows Vista's 64-bit version requires a new approach to security software because it prevents the applications from accessing the operating system's kernel. Virus Bulletin suggested that teething problems with the new designs contributed to the unusually high fail rate.

The Virus Bulletin certification is known for its stringency against a host of active and old malware applications. Failure to detect a single current pest will prompt a failing grade, as do false positives. All tested applications were submitted voluntarily by their developers.

The full results of the test are available to subscribers of Virus Bulletin.