About the PCA review of MSE

  mooly 07:32 16 Nov 2009

As a user of MSE (Microsoft security esentials) I read again in PCA that it "does not offer any evidence of Heuristics based behaviour" based on tests done.

This is so at variance with all that I have read about MSE (On MS technet and MSE forums) that I was prompted to ask the question there.

The official response is that MSE does indeed have "behaviorial" monitoring. Is that classed as being the same I wonder. I pointed the question to the review in PCA (The new review and the "older" review still on this site) and am being told that the review is "wrong" and incorrect.

I wonder if there is a standard test for this kind of thing.

  Forum Editor 18:54 16 Nov 2009

from Speakers Corner.

  mooly 08:40 18 Nov 2009

Further to this question, here is the reply/s from the MSE forum regarding this.

click here

Obviously I am not in any position to comment on the accuracy of any of the statements offered or of the reviews of MSE.

I think you have to agree though that the information is contradictory.

  Managing ed 10:10 18 Nov 2009

We've asked the independent third-party tester we use (AV-Test.org) to take a look at the original tests and confirm our original review. But saying 'we found no evidence' doesn't actually contradict Microsoft's claim that heuristics is present - it just says that we found no evidence of it. As I say, we'll let you know, and then you can report back to MSE - I'm not entirely a fan of people claiming that PC Advisor is 'wrong' on third-party sites!


Matt Egan
Managing Editor

  mooly 12:45 18 Nov 2009

Thanks for looking into this.

This is one reason why I asked at the start whether there was some "standard" kind of test for this feature... whether there is some test "malware" like the EICAR file for instance.

It's not a case of playing one off against the other, it's just that the information (on an important feature) is contradictory and perhaps clarification is needed.
Microsoft (via the MSE forum... and people who have been involved in this) have continually made the point that virus definitions need not be up to date (even by several days) because this feature is so good.
Hope you understand why I have raised this issue.


  Managing ed 08:51 19 Nov 2009

We appreciate the question - it's how we learn. PC Advisor has been offering impartial, expert advice for a long time: you can't do that without listening to your readers.

  Managing ed 16:39 20 Nov 2009

Having done some debriefing with our colleagues at AV-Test.org, I'm happy to say that our review stacks up as it stands.

According to AV-Test:"Dynamic detection", as Microsoft is calling it, is no more than a signature-based detection with some kind of "in the cloud" queries. It's not behavioural and not what we would refer to as heuristics.

AV-Test took the greatest care with these tests, as it always does, and has great experience in behaviour-based "dynamic" testing. Indeed, the AV-Test lab was one of the first to do such testing. All details can be found here: click here (it's the second entry)

I think it's fair to say that AV-Test is less than impressed that MSE forum moderators are saying the tests were rushed, and I'm personally a little miffed that PCA is being impugned. But there you go. Such is life. If you want to set them straight and point them in this direction...



  mooly 18:12 20 Nov 2009

Thanks Matt
They are duly pointed :)

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Galaxy Note 8 vs iPhone X

This is what design agencies will look like in 2032

How to update iOS on iPhone or iPad

WhatsApp : comment lire vos messages sans que l’expéditeur le sache