Security Experts:

Microsoft Security Essentials Flunks AV-Test.org Certification Process

In the latest round of testing and certifications performed by AV-Test.org, Microsoft’s Security Essentials (MSE) failed to meet the requirements for dealing with zero-day malware.

The failed protection rating made MSE the only anti-Virus product that didn’t earn AV-Test approval.

When it comes to the detection of widespread malware, MSE covered 100% of the spread, and the software matched 90% when it comes to detecting malware discovered within the last 2-3 months. However, zero-day threats, which includes Web and e-mail based attacks, is where MSE failed, scoring 69% in September and 64% in October.

It should be noted however, that Microsoft scored 10.5 points overall, and only needed 11 points to earn an AV-Test approval stamp. When it comes to the competition, BitDefender scored best overall (17 out of 18 possible points), followed by F-Secure/Symantec (tied), and Kaspersky.

“If you're using Windows 8, take these results as a wakeup call. Yes, Windows Defender is enabled automatically when no other antivirus is present, but its technology comes from the Microsoft products that failed the recent tests. Don't rely on it. Install a better antivirus right away,” commented Neil Rubenking, a reporter and AV reviewer for PC Mag.

"Microsoft prioritizes protection based on impact and prevalence of malware affecting Microsoft customers from a global perspective," a Microsoft spokesperson told SecurityWeek in an emailed statement. "The Microsoft Malware Protection Center actively supports third-party testers to use similar methodology in their test results. We reaffirm that Microsoft is committed to providing a trustworthy computing experience and continues to invest heavily in continuously improving our security and protection technologies."

The last time MSE lost out on an AV-Test approval was in September 2010. Currently, they hold almost 14% of the worldwide market when it comes to AV protection for home / SMB users; 27% in North America.

Updated at 9:30PM EST to add Microsoft's statement.

Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.