VB100 update
Several issues resulting from recent Windows 2000 test cleared up.
After a busy and drama-filled VB100 month, several issues arising from the test have been subject to further
investigation.
CA Anti-Virus, the home edition of CA's product, was recorded missing some 20 samples from the WildList
collection, although the corporate version, eTrust, had no such difficulties. This anomaly has been found
after further analysis to be due to an older version of the product's detection data files being submitted for
the test, a submission error due in part to an office move coinciding with the deadline date. Real-world users with automated
updates in operation should have had more comprehensive detection in place, and would thus have been protected from all
the WildList threats.
Kaspersky's product missed a single item from the WildList, in on-access tests only. This was due to a setting
in the on-access mode avoiding scanning a particular file type, for performance reasons. According to
Kaspersky Labs this setting has been adjusted to ensure this file type will be fully covered by the on-access
scanner in future, but VB acknowledges that, were the sample to be fully executed, its malicious actions would have been
blocked by other layers of protection included in the product.
ESET's NOD32 was stated as missing a single sample from the polymorphic test set. Further checking has
found this was in fact a corrupted file included in the test set in error, and ESET should have achieved the
excellent score of 100% across all test sets. The appropriate corrections to online results will be made as soon as possible.
12 December 2007
Tags:
vb100, virus bulletin.
del.icio.us 
digg this
