“The recent detection numbers were not stellar,” Jimmy Kuo, a member of the Microsoft security research and response team, said in a company blog.
“We missed capturing a VB100 [Virus Bulletin 100] in the last test because we missed one virus,” he wrote. “As a result, we have adopted new methodologies to … look more closely at families of viruses that have been found to be ‘in the wild,’ [those] found actively spreading among users.”
Early last month, Virus Bulletin, a UK publication whose VB100 tests are considered one of the anti-virus industry’s benchmarks, put 15 Vista security programs up against January’s WildList, a master list of all viruses, worms, Trojans and other on-the-loose malware. Five titles failed the test, including Microsoft’s Windows Live OneCare 1.5.
“We will keep on working to acquire the VB100 Award each time we are tested by Virus Bulletin,” promised Kuo.
Kuo said that the company’s developers would come up with signatures able to detect entire families of malware, something security vendors have been doing for years. Kuo also said that Microsoft would put more resources into identifying what he called “truly important malware.”
OneCare has been called into question by other tests in recent weeks. Earlier this month, AV Comparatives, a non-profit site that pits the most popular anti-virus products against nearly half a million pieces of malware, placed OneCare dead last in a list of 17 programs.
“You will see our results gradually and steadily increase until they are on par with the other majors in this arena,” pledged Kuo.
Kuo, who prior to joining Microsoft’s security team last September was a 10-year veteran of McAfee’s AVERT research lab, is probably best known as the researcher who tracked down the hacker who wrote 1999’s Melissa virus.[originating url]