Webroot Software, a security software provider, today pointed out potentially ineffective blocking capabilities in Windows Defender, slow definition updates, and weak anti-virus capabilities in the default anti-spyware and anti-virus components of Microsoft’s Windows Vista operating system and Live OneCare suite.
“We applaud Microsoft for the substantive improvements and exciting new features offered in Windows Vista,” says Gerhard Eschelbeck, CTO and SVP of engineering for Webroot Software. “The various built-in applications, networking enhancements, and improved graphics support make for an impressive product.
“However, we want to make sure that users understand the Vista operating system’s limitations, and caution them that Microsoft’s default malware blocking application and anti-virus programs may not fully protect them. With the continued increase in the ingenuity and tenacity of cyber criminals and malware publishers, it is crucial for users to additionally deploy a proven computer security solution that provides real-time protection against all forms of spyware and viruses.”
As part of the ongoing testing performed by Webroot’s Threat Research Team, it was discovered that Windows Defender failed to block 84% of a testing sample set that included 15 of the most common variations of existing spyware and malware. In evaluating its ability to block spyware and malware before it has infected a user’s machine, Webroot’s Threat Research Team found the Windows Defender program’s performance was not in keeping with many third-party security applications.
Threats of various types – including adware, Potentially Unwanted Programs (PUPs), system monitors, keyloggers and trojans – were able to reside on the testing environment undetected by Windows Vista. One PUP tested was able to install under administrator privileges, run and capture keystrokes without any adaptation from its Windows XP operating environment, and Defender did not detect the installation or the running application.
Deficiencies in the Windows Vista security system extend beyond its spyware blocking problems, says Webroot. Microsoft currently issues spyware definition updates for its Windows Defender product every week to ten days. While this may sound adequate, Webroot’s Threat Research Team, on average, identifies 3 000 new traces of spyware and other unwanted applications in a single month and issues spyware definition updates on an hourly or daily basis as needed.
Webroot also cautions that security weaknesses in the Windows Vista operating system are not exclusive to spyware, but could expose users to the dangers of viruses and other forms of malware as well. According to research from industry-leading anti-virus companies and leading analysts, the Microsoft Windows Vista operating system is susceptible to some of the most common virus and malware threats due to issues with its user access controls and inability to detect some common viruses.
In addition, Webroot points out, anti-virus protection is not free for Windows Vista users, who need to purchase the Microsoft Live OneCare suite.