50% of anti-virus products fail to spot threats

An independent testing body has called for the industry to pull its socks up as more than half the anti-virus products it tested failed to make the grade.

Virus Bulletin, the independent security certification body, has revealed that 17 out of 32 products tested - including big-name products Trend Micro, Kaspersky, Norman and Sophos - failed to reach the standard required for VB100 certification.

A total of 13 products failed to spot threats known to be circulating in the real world, and a large number also produced false alarms on known clean files.

John Hawes, technical consultant at Virus Bulletin, said: 'In these days of hourly updates computer users really ought to be able to rely on their chosen security vendors for full protection against known threats.’

“The main cause of the string of failures was a particularly nasty polymorphic virus, which many products failed to fully protect against.

John Hawes, technical consultant at Virus Bulletin

‘The main cause of the string of failures was a particularly nasty polymorphic virus, which many products failed to fully protect against,’ explained Hawes.

‘Polymorphic malware went out of fashion for some time but has recently become popular with malware writers once more, both in self-morphing viruses and in trojans morphed at the server side before delivery, all in an attempt to avoid detection by security software,’ he added.

Virus Bulletin's VB100 tests pit each anti-virus product against a test set of viruses from a publicly available up-to-date list of the viruses that are known to be circulating on computers around the world. To earn VB100 certification, products must be able to detect 100% of the viruses contained in the test set and must not generate any false alarms when scanning a set of clean files.