
I don't know why this comment is being downvoted. A quick Google will show the results.

Page 9 of the latest report: http://www.av-comparatives.org/summary-reports/




Yes. Microsoft, alone among AV vendors, shares any signatures it finds with every other major AV vendor, so everyone is going to find everything Microsoft does, plus what their own research turns up. That said, I don't think it matters enough to bother with the problems for-pay anti-virus vendors bring.


Did you read the document? The Microsoft product is quite good, but many of the paid ones are better. I don't know what problems you are talking about (I don't have any) - but that's a personal anecdote, we are discussing a proper comparison.


> I don't know what problems you are talking about (I don't have any)

The glaring security holes opened by them month after month? The HN link you're posting a comment to is about the 5th bad exploit in third-party AV this year alone.

So far nothing seems to have been found in the MS built-in one.

Installing third-party AV means that you expose yourself to targeted attacks and, if this goes on like it currently does, to drive-by attacks too as by now malware authors must have gotten the hint that searching for vulnerabilities in those various AV products is a very worthwhile effort.

In general, AV products provide a HUGE attack surface: They don't just need to support natively many more file formats than any other piece of software, they also have to harden their support against exploit code purposefully written to be malicious.

And compared to many exploitable user-space applications, these AV products normally run in kernel-space, so an attacker doesn't just gain remote code execution, they gain remote code execution with admin privileges.


I skimmed it, I didn't see anything I haven't seen before. Notably they aren't grading on stuff like "number of popups that I have to click through to get it to quit nagging me." There have also been privilege elevation exploits using antivirus software.

EDIT: And there's anti-virus software that's messing with your system's root certificates so it can MitM all your HTTPS traffic to scan it:

http://www.securityweek.com/antivirus-software-has-negative-...



