SEARCH

How-To Geek

Week in Geek: Microsoft Security Essentials Loses its Certification after Failing AV Test

Our first edition of WIG for December is filled with news link coverage on topics such as the Windows XP countdown clock has dropped to less than 500 days, software pirates have released a tool to crack Windows 8 apps, an online service is offering bank robbers for hire, and more.

Weekly News Links

Image courtesy of the I Love Ubuntu Blog.

Security News

  • Microsoft Security Essentials Fails AV-Test, Loses Certification
    Microsoft’s Security Essentials is the only free anti-virus software that failed to receive certification after a new round of anti-virus tests conducted by AV-Test on Windows 7 during September and October. MSE results are here and full list of AV Apps tested is here.
  • New Kernel Vulnerabilities Affect Four Ubuntu OSes
    Canonical announced on November 30 that a new Linux kernel update for its Ubuntu 12.10 (Quantal Quetzal), Ubuntu 12.04 LTS (Precise Pangolin), Ubuntu 11.10 (Oneiric Ocelot) and Ubuntu 10.04 LTS (Lucid Lynx) operating systems is now available, fixing two important security vulnerabilities discovered in the Linux kernel packages by various developers.
  • Hotel room burglars exploit critical flaw in electronic door lock
    Attacks affected some 4 million locks; company wants customers to cover repair costs.
  • Researcher reveals backdoor access in Samsung printers
    Samsung printers contain a hardcoded backdoor account that could allow remote network access exploitation and device control via SNMP. Details of the exploit have been published. Some Dell printers manufactured by Samsung also have the admin account backdoor access.
  • Email hacks router
    A whole range of Arcor, Asus and TP-Link routers are vulnerable to being reconfigured remotely without authorisation. On his blog, security researcher Bogdan Calin demonstrates that just displaying an email within the router’s own network can have far-reaching consequences: when opened, his specially crafted test email reconfigures the wireless router so that it redirects the user’s internet data traffic.
  • Malicious code added to open-source Piwik following website compromis
    Backdoor added after hacker exploited vulnerability in mystery WordPress plugin. – Hackers inserted malicious code into the open-source Piwik analytics software after compromising the Web server used for downloads.
  • Account theft still possible with latest WhatsApp
    Recent changes to WhatsApp, which appears to have captured a position as the popular app-based alternative to texting, have not actually secured the system, at least for Android users.
  • iOS dictionary app accuses customers of piracy via Twitter
    In a blog posting, author Jenn Frank reports that the Oxford Deluxe (ODE & OTE) – powered by UniDict iPhone/iPad app, which retails for £37.99 (or €49.99), accuses legitimate buyers of being software pirates. Apparently, the app’s flawed DRM feature automatically tweets “How about we all stop using pirated iOS apps? I promise to stop. I really will” to the dictionary user’s Twitter followers.
  • Fake Windows 8 Key Generators and Activators Found Online
    Security company Trend Micro reports that several fake Windows 8 key generators and activators are now available online, all with the purpose of tricking people into believing they could actually activate Microsoft’s new operating system without paying for a license.
  • Software Pirates Release Tool to Crack Windows 8 Apps
    It was only a matter of time, but the inevitable has finally happened: software pirates have just released a downloadable application that allows users to download and run full Windows Store apps. For free, that is.
  • Hack could let browsers use cloud to carry out big attacks on the chea
    Scientists have devised a browser-based exploit that allows them to carry out large-scale computations on cloud-based services for free, a hack they warn could be used to wage powerful online attacks cheaply and anonymously.
  • Online Service Offers Bank Robbers for Hire
    An online service boldly advertised in the cyber underground lets miscreants hire accomplices in several major U.S. cities to help empty bank accounts, steal tax refunds and intercept fraudulent purchases of high-dollar merchandise.
  • Java Zero-Day Exploit on Sale for ‘Five Digits’
    Miscreants in the cyber underground are selling an exploit for a previously undocumented security hole in Oracle’s Java software that attackers can use to remotely seize control over systems running the program.
  • Lost+Found: Anonymous surfing, dubious DRM and a stuck stock exchange
    Too short for news, too good to lose; Lost+Found is a roundup of useful and interesting security news. In this edition: the latest edition of Nmap arrives, a router to route everything over Tor, an Autorun pest, a PDF autopsy, Stockholm’s stuck stock exchange, and a rather breakable unbreakable DRM.
  • A patched browser – false feeling of security or a security utopia that actually exists?
    Kaspersky Lab’s recently released “Global Web Browser Usage and Security Trends” report sparks several important questions from a security perspective.
  • I Was Just Friended By Myself On Facebook (And It Only Gets Weirder From There)
    From the blog post: I got a friend request from Bianca Bosker on Wednesday night. I’m Bianca Bosker, one of just three on Facebook, so the notification took me by surprise. What followed spooked me: When I finally scoped out this new Bosker at 8:30 a.m. on Thursday, I found myself staring back at me.
  • EU plans to implement mandatory cyber incident reporting
    To improve cyber security, the EU is considering making it mandatory for businesses to report cyber attacks. Although a big supporter of self regulation, Neelie Kroes, the EU Commissioner for the Digital Agenda for Europe, told German Süddeutsche Zeitung newspaper that she did not think there would be much progress with it in this case.
  • ‘Six-strike’ anti-piracy campaign postponed until 2013
    The Center for Copyright Information — a venture between ISPs, music labels, and film studios to crackdown on illegal downloads — says Hurricane Sandy delayed the November kick off.
  • Clueless officials hamper cybersecurity law-making
    Governments need to know what problems the cybersecurity legislation is meant to address, or they will face public backlash over the possible intrusions to their personal rights.
  • Why whitehats don’t want to help businesses at risk
    Well intended hackers might discover plenty of security vulnerabilities during their travels across the internet, but when businesses sue them or make it hard to pass the information along, it’s no wonder that they don’t even bother.

How-To Geek Weekly Article Recap

Geeky Goodness from the ETC Side

One Year Ago on How-To Geek

How-To Geek Comics Weekly Roundup

How-To Geek Weekly Trivia Roundup

Comments (12)

  1. December 2, 2012
    Gadgetman496

    That headline banner really is OTT in the dramatics Dept.

    You make it look like it’s the end of the world lol

  2. December 2, 2012
    thegeekkid

    +1 @ Gadgetman. I never really card for security essentials compared to other free alternatives; but I’m not so sure I could trust a anti-virus evaluation that ranks norton so high.

  3. December 3, 2012
    tiramid

    In my opinion, performing zero-day test on any anti-virus software does not describe its potential.
    It’s called zero-day threat because it is still unknown to the anti-virus software and yet they want to test some malware that’s unknown for the anti-virus program. What the heck, AV-Test. Zero-day tests are just, well, retarded because it’s like you want an anti-virus software to catch malware it does not know yet.

  4. December 3, 2012
    Roman Berry

    The zero-day threat thing with MSE is bothersome, but read the rest and you come away wondering just what having certification is really worth. From the link to the news at Softpedia:

    “As for the detection of widespread and prevalent malware, however, Microsoft Security Essentials has managed to achieve the maximum detection rate, with 100 percent in both months.

    Microsoft’s security tool has managed to outscore the industry average in the detection of actively running widespread malware test, with a detection rate of 98 percent versus 95 percent for the rest of the products.

    The 63 percent detection rate placed it above the industry’s average of 60 percent in the removal of further malicious components and remediation of critical system modification test.”

    So…for widespread and prevalent malware, 100 percent. For actively running widespread malware, MSE beats the industry average. And also above industry average for “emoval of further malicious components and remediation of critical system modification test.”

    I run MSE. I put it on every system I work on that has expired AV software (and there are tons of systems I come across in that state.) No issues with any of them in the last year. None.

  5. December 3, 2012
    Asian Angel

    @Roman Berry – I myself was rather disappointed with MSE when I used to run it on my own systems, but the ‘topper’ for me was having to clean/patch up computers that had MSE on them. It simply got taken out far too easily for my tastes. :(

    Since those ‘incidents’ I have made it a point to remove MSE from every single computer I have worked on that had MSE on it. After doing that I have not heard a single complaint about problems on those computers…but then again we each have something that does work for us and works well, so to each their own, eh? ^_^

  6. December 3, 2012
    Roman Berry

    @Asian Angel – My experience is that you can’t protect users from themselves. The only time I have ever encountered issues with MSE protected machines was when users were running either XP or running Vista or 7 using an admin account instead of a user account. Yes, to each their own. For me, the no-cost, no subscription feature along with general ease of use and lack of “scary looking” popups and warning bells and such make MSE the tool of choice. And as I said before, since I started installing MSE on client machines that either had no AV or expired AV, I haven’t had a single one come back with an issue in a year. Heck, it’s kind of hurt my business. Maybe I should stop. ;-)

    Bottom line for me on AV is this: I don’t care what users run, be it MSE, AVG, Avast, Avira, Kaspersky or what have you. I just care that they run something and that the something they run is up to date. I really hate the headline on this entry at HTG and I hate the image. Those things make this look like a huge deal, and I have no doubt this (and I mean this in the kindest way) kind of scare mongering is going to lead a lot of users who don’t know their head from that part of their body they sit on to make a big mistake and uninstall MSE without necessarily getting anything all all successfully installed to replace it.

    The AV test certification? It’s fertilizer.

  7. December 3, 2012
    Cecebee

    I never comment on most of these things but I’m breaking my silence on this one. All I can say is what ta bunch of BS! The only bad score is on zero day detection and there is no way for anyone to define what a zero day attack is going to look like until day 1 at best. To say that someone is better at zero day detection than someone else is nothing but a guess. Hell, I can guess too.

  8. December 3, 2012
    Colruss

    Come on “Geek How To” what’s your stance on this issue?

    Out with it or are you really scare mongering? Or What!!?

  9. December 3, 2012
    edmenje

    I have been using Threatfire along with MSE to help in the zero-day-attack issue. The heuristic approach missing from MSE is handled by TF and it has identified threats for me. The occasional popup regarding trusted software is a very minor inconvenience which I can live with for better peace of mind, and it doesn’t conflict or hog resources.

  10. December 3, 2012
    Jonas

    I’m currently on Windows 8, and I’ve left the new Windows Defender as my main antivirus program, I also run Malwarebytes Anti-malware Pro at the same time which only cost me like £20.00 for a lifetime licence, for me that’s more than adequate.

    I’ve been using Windows since Windows 7 (prior to that I was a Mac user…yeah) launched and personally I’ve never had any virus/malware/spyware issues, as long as you don’t do anything dumb like fall for a phishing scam, which i personally think is far more serious than a virus infection, I mean you might need to reinstall Windows because of trojans/viruses, or reset Windows 8, whereas falling for a phishing scam could mean your life being totally screwed if someone gets access to bank details, hacks email/Facebook etc. Avoid pirated/cracked software, pretty much everyone I know who has had a serious virus issue, is a major pirate, seriously if you really want Assassin’s Creed 3 for your PC but don’t wanna pay full price for it, then wait for a Steam sale or something

    I don’t know what kind of sites people visit to be hit by zero day malware, I’ve never come across anything even remotely close in all these years. Keep your browser up to date, don’t give access to your profile on Facebook to some dumb game/poll, don’t open dodgy looking emails, don’t click on via*ra ads where they spell the word incorrectly, and even if it is spelt correctly then go visit an actual doctor for a prescription ! The best form of malware protection is your brain, everyone I know who has had serious “computer” issues has done some dumb, insane stuff like install a “media player” to view p*rn because a pop up asked them to lol. They’re the same people who end up with bag of rice in an iPhone box from some dude they met in the street who offered them a quick sale iPhone

  11. December 4, 2012
    cownaetion

    Since MSE was released I have been using it. In the beginning it was quirky but after a couple upgrades it works fantastically, better than any free alternative out there (note the keyword ‘free’). I have put it on many machines for a variety of people and none of them have ever had a problem. I always find my self removing McAfee, Norton, and AVG

  12. December 4, 2012
    cownaetion

    Since MSE was released I have been using it. In the beginning it was quirky but after a couple upgrades it works fantastically, better than any free alternative out there (note the keyword ‘free’). I have put it on many machines for a variety of people and none of them have ever had a problem. I always find my self removing McAfee, Norton, and AVG quite often (the worse applications ever) but I will leave some of the other applications (Panda, Avira, Bit) as they seem to run just fine. Regardless of my own use and preference, I have received machines where paid AV applications failed to remove certain malware and only to have MSE work every time.

    As someone stated the effectiveness of an AV application is irrelevant when a user is explicitly installing malware. To try and counter this behavior, I always make sure all of my clients never use IE (regardless of platform) and never open attachments from e-mails unless it is something you were expecting (i.e. forms/documents that you were waiting for, etc.). After this, the only cleanups that I have to perform are the removal of inappropriate addons. In hindsight, it wouldn’t of mattered which AV application was installed on the system.

Akemi Iwaya (Asian Angel) is our very own Firefox Fangirl who enjoys working with multiple browsers and loves 'old school' role-playing games. Visit her on Twitter and .

  • Published 12/2/12

RECOMMENDED POSTS

How to Add “Scan with Windows Defender” to the Context Menu in Windows 8
The Ultimate Nexus 7 Troubleshooting Guide: 6 Potential Problems and How to Fix Them
If One of My Passwords Is Compromised Are My Other Passwords Compromised Too?
Online Safety: Why You Should Give Up Windows XP For Good (Updated)
How to Disable the Lock Screen on Windows 8 Without Using Group Policy
What Are the Windows A: and B: Drives Used For?


BEST OF HOW-TO GEEK