Microsoft has come out gunning for an exploit test performed by security outfit Secunia involving 12 Internet Security Suites among which Windows Live OneCare. The Redmond company labeled the results of the exploits targeting vulnerabilities test as misleading and confusing because Secunia focused exclusively on the on-demand scanner functionality instead of taking into consideration the complete dozen security solutions. Windows Live OneCare ranked fifth in the comparison behind Norton, BitDefender, TrendMicro and McAfee, having identified only 1.67% of exploits.

“At first glance, it would seem that this test would be very helpful to consumers to determine the best security suite in the specific scenario - although none of the suites did particularly well in this specific situation. However, Secunia's test focused only on the on-demand scanner functionality and did not take into account any of the other built-in security protections in Windows Live OneCare or other suites included in the test. Moreover, Secunia's test explicitly focused on machines that were unpatched with some of the latest updates, both to the Windows operating system and to applications on the machines,” a member of the Windows Live OneCare team commented.

Secunia's test involved approximately 300 exploits designed to take advantage of vulnerability in what Microsoft referred to as high-end and high-profile software products. The 12 antivirus products were thrown against a variety of threats including Proof of Concept, GameOver Proof of Concept, and Exploits complete with malicious playloads. Secunia's conclusion is that none of the major security vendors focus on vulnerabilities, in this manner leaving customers exposed to new malware exploiting software flaws.

“The on-demand scanner functionality in Windows Live OneCare is a useful tool, but it is only one piece of the overall solution. To be fully effective, it must work in conjunction with other functionality in the suite including, but not limited to, the real-time anti-malware detection engine, the firewall, and automatic update engines like Windows Update and Microsoft Update that provide the latest patches for the OS and the applications on ever evolving threats,” the Windows Live OneCare representative added.