• On The Insider: Robert Downey Jr Injured on the Set
October 15, 2008 12:07 PM PDT

Secunia exploits security suites flaws

Posted by Robert Vamosi
  • Print

A new report (PDF) from Secunia is raising awareness about the need to patch vulnerabilities and block malware from desktops.

The report found that "security vendors do not focus on vulnerabilities." And while Symantec Norton Internet Security 2009 bests the 11 other suites tested, Secunia found that Symantec "detected a mere 64 out of 300 exploits, or less than one-fourth, leaving 236 exploits undetected." Overall the dozen products all received an "F" on the report.

The Secunia test departed from the traditional testing done by organizations such as AV-test.org and AV-comparatives.org, which use collections of malware to demonstrate the on-demand and heuristic capabilities of the security products. Secunia used exploits--not viruses and worms--to demonstrate the need for users to patch vulnerabilities as well as have a good firewall, antivirus, and other anti-malware protection. The company said exploits are what criminals are most likely to use these days, and faulted the tested security vendors who said their products could protect against any threat.

Secunia did single out one product, Kaspersky Internet Security, as providing a vulnerability scanner, yet Kaspersky also did poorly on the test.

But Alex Eckelberry of Sunbelt Software criticized Secunia's report as being a "useless test." And others, too, have criticized the metholodgy used.

There is a move within the security industry to standardize malware testing. The newly formed Anti-Malware Testing Standards Organization states that there is a "global need for improvement in the objectivity, quality, and relevance of anti-malware testing methodologies." The group is currently soliciting opinions on two papers, one for testing best practices and the other for fundamental principals for malware testing.

Recent posts from Security
Vietnamese security firm: Your face is easy to fake
Apple suggests Mac users install antivirus software
Europe to get cybercrime alert system
Top-notch Vietnamese software BKAV raises antivirus bar
New 9555 Iridium handset released
Add a Comment (Log in or register) 4 comments
by goodspeed8701 October 15, 2008 1:46 PM PDT
This is a good reason why i dont use anti virus on my vista.
Reply to this comment
by skrubol October 16, 2008 6:34 AM PDT
I don't on my gaming machine either. I just have to remember to be careful where I go on that machine, and always pass downloads through another machine.
Windows Updates + Common sense > Antivirus
by malynj October 15, 2008 6:40 PM PDT
They appear to have only tested the consumer versions of antivirus products. There are vendors who sell HostIPS products on the corporate side, as well as other behavior monitoring/blocking programs, that would be a better fit for this test. AV is primarily signature detection only by nature. HostIPS and other behavior programs would be the area of software that is intended to protect against known exploits regardless of signature detection. AV vendors should begin including HostIPS type technology in their products, but currently the vendors sell these as separate standalong products. If the goal of this testing was to change the nature of the features bundled with AV products, they should have included the HostIPS-type products in the tests, then shown that these products should be bundled together with the AV products to better protect the consumer.
Reply to this comment
by eiverson October 16, 2008 11:19 AM PDT
Secunia rightly points out that signature-based-ONLY defenses are inadequate in a world where malware-makers are increasingly altering the signatures of their wares systematically. More here on that:

http://www.securitynowblog.com/endpoint_security/secunia_report_signature-based_antivirus_misses_most_unknown_malware

As for host intrusion prevention system (HIPS) products being the answer. I would caution people to consider that the medicine can be as bad as the illness it seeks to prevent. Its very important that one balance usability and security when considering answers.
Reply to this comment
advertisement

In the news now

A tech veteran responds to the recession

LogLogic's Patricia Sueltz heard a clear message about the economy from investors, but she already knows a thing or two about navigating through tough times.


Obama's AG pick on privacy

Eric Holder has criticized the warrantless wiretapping program, but his views on other online policies may not be that far from those of the Bush administration.


About Security

Online security is threatened by more than hacking and phishing attempts. Check here for the latest updates on software vulnerabilities, data leaks, and rapidly spreading viruses--and learn how to protect your systems.

Add this feed to your online news reader

Security topics

advertisement
advertisement

Inside CNET News

Scroll Left Scroll Right
News
Latest news
Business tech
Green tech
Wireless
Security
Media
Popular topics
Apple iPhone
Apple iPod
CES
Cell phones
Dell
GPS
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
Corrections
Customer Help Center
RSS
What's new
About CNET