Microsoft last Thursday acknowledged poor test results of its OneCare antivirus software, but promised it would do better by paying more attention to malware actually in the wild.
"The recent detection numbers were not stellar,"a member of the Microsoft security research and response team, Jimmy Kuo, said in a company blog. "We missed capturing a VB100 [Virus Bulletin 100] in the last test because we missed one virus. As a result, we have adopted new methodologies to ... look more closely at families of viruses that have been found to be 'in the wild,' [those] found actively spreading among users."
Early last month, Virus Bulletin, a UK-based publication whose VB100 tests are considered one of the antivirus industry's benchmarks, put 15 Vista security programs up against January's WildList, a master list of all viruses, worms, Trojans and other on-the-loose malware. Five titles failed the test, including Microsoft's Windows Live OneCare 1.5.
"We will keep on working to acquire the VB100 Award each time we are tested by Virus Bulletin," Kuo said.
Although he didn't specify all the steps Microsoft would take to remedy OneCare's poor performance, Kuo said the company's developers would come up with virus signatures able to detect entire families of malware, something security-specific vendors have been doing for years. Kuo also said that Microsoft would put more resources into identifying what he called "truly important malware."
Windows Live OneCare's skills have been called into question by other tests in recent weeks. Earlier this month, [AV Comparatives, a non-profit site that pits the most popular antivirus products against nearly half a million pieces of malware, placed OneCare dead last in a list of 17 programs.
"You will see our results gradually and steadily increase until they are on par with the other majors in this arena," pledged Kuo.
Kuo, who prior to joining Microsoft's security team last September was a 10-year veteran of McAfee's AVERT research lab, is probably best known as the researcher who tracked down the hacker who wrote 1999's Melissa virus.