Thursday, August 16, 2012
NSS Labs - Can Consumer AV Products Protect Against Critical Microsoft Vulnerabilities?
NSS Labs released an interesting analysis brief on August 15 – “Can Consumer AV Products Protect Against Critical Microsoft Vulnerabilities?” NSS Labs conducted testing on thirteen consumer antivirus (AV) products. The goal was to see how well the products repelled attacks on systems not yet patched for a pair of current vulnerabilities. Those used in the test were the CVE-2012-1875 and CVE-2012-1889 vulnerabilities. According to NSS, exploitation of either of these can result in remote code execution by the attacker. Very bad for the user! Look for an upcoming “Consumer Endpoint Group Test” by NSS Labs in the near future.
The Analysis Brief Top Scorers Were
To cut to the chase, only four companies scored 100% on the test. In alphabetical order, these were Avast, Kaspersky, McAfee, and Trend Micro.
Two companies had products scoring 75%, ESET and Norton (I’m not listing all the results to encourage people to register and download the free report). No vendor scored 0% on the test with their tested product. However, five of the products scored 25%. One of them is based in Redmond, WA, however. The cone of shame for all at the bottom.
A Pair of the Recommendations
Two of the five recommendations of the study: (1) Do not rely purely on AV software to protect your system. Install HIPS (Host Intrusion Protection) or an Internet Security Suite as well. (2) People utilizing Facebook, Gmail or other services that utilize HTTPS need to have AV (at minimum) on their system. Note that the first recommendation was install an Internet Security suite.
In general, the products tested were the vendor’s home Internet Security product. It’s somewhat disappointing that BitDefender wasn’t included. BitDefender tends to be near the top in any testing done by Av-comparatives and AV-test (www.av-comparatives.org and www.av-test.org ).
The tested products - Avast Internet Security 7, AVG Internet Security 2012, Avira Internet Security 2012, CA Total Defense Internet Security Suite, ESET Smart Security 5, F-Secure Internet Security 2012, Kaspersky Internet Security, McAfee Internet Security 2012, Microsoft Security Essentials, Norman Security Suite Pro, Norton Internet Security 2012, Panda Internet Security 2012, and Trend Micro Titanium + Internet Security.
At seven pages, the test is a good read. The report is additive to the testing reports by the organizations listed above, as well as those performed by Virus Bulletin www.virusbtn.com . Go to these other sites to view additional test reports. These are much superior to counting Facebook fan "likes"! The wisdom of crowds doesn't always rule.
NSS Labs www.nsslabs.com
NSS Labs, founded in 1991, provides independent security research and testing. They also provide subscription based information services and consulting.