Windows 8 security needs extra help, AV-Test review suggests
23 Jan 2013
Comparative Tests, Product news
In December 2012, independent antivirus research laboratory AV-Test performed a comparative review of Kaspersky Internet Security 2013 and Windows 8’s built-in security components to determine how effectively they protect against malware. Kaspersky Lab’s home security product provided perfect results, blocking all URL and email attacks in the Real World testing scenario and detecting 99% of the malware samples. The results for Microsoft’s built-in solution were much lower: 11,9% of attacks were missed (5 attacks out of 42) in the Real World testing and only 90% of the malicious samples were detected during an on-demand scan.
- In December 2012 AV-Test laboratory experts organized a comparative review of Kaspersky Internet Security 2013 and Windows 8’s built-in security components
- Four individual tests were performed: a real-world protection test, two static detection tests and a static false positive test
- Kaspersky Internet Security 2013 blocked all URL and email attacks, detected 99% of malware samples and didn’t return a single false positive
- Windows 8 security components failed to block 11,9% of attacks and managed to detect only 90% of malware samples. Like Kaspersky Internet Security, the Microsoft solution also returned no false positives
How the tests were performed
To perform the test runs, the AV-Test experts prepared a clean Windows 8 Pro image that was used on several identical PCs. The test systems were restored to a clean state before being exposed to each malware sample. Either the Kaspersky Lab security software or Windows Defender 4 solution was installed on these computers. Both products were run with their default, out-of-the-box configuration. The products had Internet access so they could use the cloud as part of their protection strategy, but malware could also use the cloud/Internet connection to reach other sites in order to download further files and infect the system. In this case care is taken to ensure that cloud access is available to the malware sample in a safe way, so that the test systems run no risk of infection.
Four individual tests were included in the AV-Test review:
- A real-world protection test of malicious URLs and emails with 42 samples
- First static detection test of 111,487 of the latest malicious files
- Second static detection test of 2,500 of the most prevalent files
- A static false positive test with 345,900 clean samples
In the case of the dynamic real-world test, URLs were accessed and the downloaded samples were executed. Any detection by the security software was noted. Additionally, the subsequent state of the system was compared with the original pre-test state in order to determine whether the attack was successfully blocked or not. In the static detection test, the products had to scan two sets of files in default settings. Detections were noted to determine the detection result.
Kaspersky Internet Security 2013 produced perfect results, blocking all 42 attacks, while Microsoft failed to block five attacks. Also, in the first static detection test the Kaspersky Lab product detected 99% of the samples, while Microsoft only managed to detect 90%. Neither product had any problems with the static tests for prevalent malware or false positives. Both of them detected all 2,500 prevalent malware samples and neither generated a single false positive detection when scanning the set of clean files. This proves that even products with very high detection and protection rates can operate without generating false positives.
The significant difference in the results for Kaspersky Internet Security 2013 and Windows 8 security components indicates that Windows Defender and related Microsoft security features only offer baseline protection. With 200,000 new malware samples appearing every day, users require a renowned home security solution that provides far better protection – Kaspersky Internet Security 2013.
Nikita Shvetsov, Vice-President Threat Research
"It’s obvious that the addition of extra antivirus tools in Windows 8 is a positive step towards enhancing the protection of this operating system. However, the recent AV-Test research shows that this alone is not enough to safeguard users against new, unknown malware which poses the greatest threat to contemporary computing. Truly high-level security is provided by Kaspersky Internet Security 2013, which is completely compatible with Microsoft Windows 8."