Security software firm Sophos has claimed that Microsoft’s updated anti-virus solution for Windows 8 “isn’t ready for prime time yet.”
Senior Security Advisor at Sophos Canada, Chester Wisniewski, tested Windows 8′s anti-virus software against a number of malware threats recently. Wisniewski criticized Microsoft’s lack of virus warning messages in Windows 8 during a test of the new software. Wisniewski tested Microsoft’s inbuilt Windows Defender software with the basic EICAR test file which produced an error at launch but failed to provide a virus warning. “I was very confused and began to wonder whether Windows 8 really had anti-virus at this point,” said Wisniewski in a blog on Friday.
He went on to test various other real world malware samples and concluded that Windows 8 captured around 50% of the malware samples tested. Wisniewski tested Mac, Linux and Windows malware to assess whether Windows 8 detected cross-platform malware. “It did successfully pick up quite a few fake anti-virus samples for Mac and Windows, as well as some copies of Linux/RST-B,” he says. “It also recorded some events under the Windows Defender category in Event Viewer for the detections it alerted me to.”
Wisniewski notes that Windows 8 is an early preview but claims it obviously needs work. “While Windows Defender caught some samples, it isn’t ready for prime time yet,” he said. “It’s good to see Microsoft is detecting malicious software for the three major platforms,” he added.
Microsoft is planning to overhaul its Windows Defender product for Windows 8. Microsoft will deliver a set of malware signatures via Windows Update. Defender will now include real-time detection and protection from malware using a file system filter. Defender will also interface with Microsoft’s secure boot technology in Windows 8. Windows PCs with UEFI-based secure boot will be able to take advantage of Microsoft’s Windows security to ensure firmware and firmware updates all remain secure. Microsoft is able to achieve this by loading only properly signed and validated code during boot.
Microsoft is also adding SmartScreen filtering for Windows. Microsoft has extended its browser technology to Windows as a whole. Windows 8 will now protect end users by checking applications and URLs against reputation-based database.