What is ransomware and how do I protect my PC from WannaCry?
As a user of MSE (Microsoft security esentials) I read again in PCA that it "does not offer any evidence of Heuristics based behaviour" based on tests done.
This is so at variance with all that I have read about MSE (On MS technet and MSE forums) that I was prompted to ask the question there.
The official response is that MSE does indeed have "behaviorial" monitoring. Is that classed as being the same I wonder. I pointed the question to the review in PCA (The new review and the "older" review still on this site) and am being told that the review is "wrong" and incorrect.
I wonder if there is a standard test for this kind of thing.
Further to this question, here is the reply/s from the MSE forum regarding this.
Obviously I am not in any position to comment on the accuracy of any of the statements offered or of the reviews of MSE.
I think you have to agree though that the information is contradictory.
We've asked the independent third-party tester we use (AV-Test.org) to take a look at the original tests and confirm our original review. But saying 'we found no evidence' doesn't actually contradict Microsoft's claim that heuristics is present - it just says that we found no evidence of it. As I say, we'll let you know, and then you can report back to MSE - I'm not entirely a fan of people claiming that PC Advisor is 'wrong' on third-party sites!
Thanks for looking into this.
This is one reason why I asked at the start whether there was some "standard" kind of test for this feature... whether there is some test "malware" like the EICAR file for instance.
It's not a case of playing one off against the other, it's just that the information (on an important feature) is contradictory and perhaps clarification is needed.
Microsoft (via the MSE forum... and people who have been involved in this) have continually made the point that virus definitions need not be up to date (even by several days) because this feature is so good.
Hope you understand why I have raised this issue.
We appreciate the question - it's how we learn. PC Advisor has been offering impartial, expert advice for a long time: you can't do that without listening to your readers.
Having done some debriefing with our colleagues at AV-Test.org, I'm happy to say that our review stacks up as it stands.
According to AV-Test:"Dynamic detection", as Microsoft is calling it, is no more than a signature-based detection with some kind of "in the cloud" queries. It's not behavioural and not what we would refer to as heuristics.
AV-Test took the greatest care with these tests, as it always does, and has great experience in behaviour-based "dynamic" testing. Indeed, the AV-Test lab was one of the first to do such testing. All details can be found here: click here (it's the second entry)
I think it's fair to say that AV-Test is less than impressed that MSE forum moderators are saying the tests were rushed, and I'm personally a little miffed that PCA is being impugned. But there you go. Such is life. If you want to set them straight and point them in this direction...
They are duly pointed :)
This thread is now locked and can not be replied to.