Subject: Editorial, General Tech | May 22, 2013 - 01:53 AM | Scott Michaud
Tagged: antivirus, antimalware
They might be a good means of guarding you from momentary lapses of judgment, but security is not equivalent to antivirus packages. You always need to consider how much your system is exposed to untrusted and even unsolicited data. Any software which accepts untrusted data has some surface with potential vulnerability to attack.
This, inherently, includes software which accepts data to scan it for malware.
Last week was host to Patch Tuesday, and one of its many updates fixed a vulnerability in Microsoft's Malware Protection Engine (MPE). The affected code is only present in applications which run the 64-bit version of the engine. For home users, these applications are: Microsoft Security Essentials (x86-64), Microsoft Malicious Software Removal Tool (x86-64), and all varieties of Windows Defender (x86-64). For enterprise users, MPE is also a part of Forefront and Endpoint applications and suites.
Despite the irony, I will not beat up on Microsoft. As far as I know, these vulnerabilities are semi-frequently patched in basically any antimalware application. At the very least, Microsoft declares and remedies problems with reasonable and appropriate policies; they could have just as easily buried this fix and pushed it out silently or worse, wait until it becomes actively exploited in the wild and even beyond.
But, and I realize I am repeating myself at this point, the biggest takeaway from this news: you cannot let the mere presence of antivirus suites permit you to be complacent. No scanner will detect everything, and some might even be the way in.
Subject: General Tech | March 17, 2012 - 02:01 PM | Tim Verry
Tagged: opswat, software, mse, antivirus
OPSWAT, a company founded in 2002, has released it's latest quartlerly report on software market share. The new report indicates that as of March 2012, the free Microsoft Security Essentials antivirus application has made the biggest gains in users this year.
Microsoft Security Essentials is a free antivirus program developed by Microsoft that has been on the market for just over 2 years (since September 2009). Despite not having the best detection rates, it is a program that is non-intrusive and lightweight on resources. Because of the automatic updating (via Windows Update) and being essentially "set it and forget it," it has garnered quite the following from tech enthusiasts that use it on their computers along with a bit of common sense browsing to stay safe. In addition, it makes for a good choice for family members as it is easy to install and requires little maintenance along with not costing any money. Also, If you have a friend or relative that refuses to pay for AV yet also refuses to stop visiting certain areas of the web, having some kind of free antivirus is better than nothing!
Specifically, the Microsoft software has managed to snag 10.08% of the worldwide antivirus market, putting it under the three big A's of antivirus: Avast with 16.26%, Avira with 11.65%, and AVG Technologies with 10.96%. Close behind Microsoft is ESET antivirus with 10.06%. Microsoft has increased their worldwide market share to 10.08% from 7.27% a year ago. They are further ahead of Symantec who holds 9.97% of the market.
|Trend Micro, Incorporated||2.22%|
In terms of the North American market, Symantec actually pulls ahead of Microsoft, and holds the number one position at 16.09%. Microsoft then holds the second position in North American market share with 14.92%. The MS software saw big gains from last year, moving from fourth position to second position and 9.94% to 14.92% respectively. AVG holds third place at 13.22% while Avast has 11.96% of the North American market and fourth place. You can see the remaining top 10 vendors' market share in North America below.
|Trend Micro Incorporated||3.10%|
Drilling down beyond vendor market share to the specific programs' market share Microsoft Security Essentials holds 14.58% of the North American market as of March 2012. Also, MSE holds 9.96% of the worldwide market in March 2012. In terms of ranking, the individual software that is MSE is is number one in North America and second place worldwide. Microsoft Security Essentials holds 14.58% in North America and 9.96% globally, putting it just under AVAST! Free Antivirus which is the number one AV product worldwide with 11.91% of the market. These numbers are a bit more telling, as they indicate Microsoft is doing pretty darn well with their AV program, and it is really helping them (market share wise) to have just one main SKU/program in their lineup.
Interestingly, their report indicates that the top 10 antivirus makers hold the great majority of the market with 87.46% of worldwide market share. Of the top 10 (listed in chart 1) global AV vendors, only Trend Micro is a new addition at number 10 thanks to overtaking PC Tools with a total of 2.22% market share. The top 10 has further gained more of the total market compared to last year. In 2010, the top 10 vendors held 86.57% of the market, and they now hold 87.46%. Individual product wise, the top 10 companies' applications hold 64.94% of the worldwide market and 63.08% of the North American Market (this is for specific programs only, while the previous total numbers are for top 10 AV companies as a whole).
Further, OPSWAT states that the free offerings continue to dominate the charts with the most number of installations and market share. In North America, they identified 81 antivirus companies and 257 antivirus software applications. Globally OPSWAT detected 87 vendors and different programs. That makes the fact that the top 10 vendors hold approximately 87% of the market even more impressive. More information on the recent OPSWAT report is availabe in the PDF format here.
Subject: Editorial, General Tech | February 21, 2012 - 01:21 AM | Scott Michaud
Tagged: antivirus, windows 8
Imagine if it were illegal for a dominant homebuilder to sell a house with locks on the door to be fair to the market of locksmiths?
The legality of Microsoft’s planned upgrades to its Windows Defender security suite has been questioned in an article up at ZDNet Asia. While the article itself is very correct in its analysis of the situation it does implicitly ask at what point a market should be obsolete.
Does it really protect consumers to intentionally unbundle security from a core application? Is it better to unbundle security to promote an industry worth of companies with products designed to successfully do little more than alert you when a breach has occurred?
Industry status - Not Protected
Despite the wording of the above three paragraphs, the answer actually is not simple. There is a lot of merit to disallowing the bundling of internal security applications and protect the antivirus industry.
Ponder this, what if Microsoft’s system was really bad? Would promoting competition ultimately drive for a stronger and more secure product in the end? Or alternatively, would the pressure from the attackers themselves be sufficient competition to not need to protect antivirus companies?
It really is an interesting problem when you look into it. What do you think? The comments await, and registration is not required to voice your opinion.
Subject: General Tech | May 4, 2011 - 05:28 PM | Scott Michaud
Tagged: mse, Malware, antivirus
One of the major drawbacks of having general purpose computation devices is malware. Your computers are designed to manipulate and store instructions and information and they do that amazingly. Your computers, however, cannot tell who gave what instruction; they follow a set of instructions until it links to another, which they follow, ad infinitum. When someone who wants to use your computer can get their series of instructions run by your computer: that is when you got a problem.