
    Windows Defender Stops 85 Percent of Common Malware: BitDefender

    By Brian Prince - November 11, 2012

      Research from security vendor BitDefender underscored recently what many Windows users already know—running a machine without antivirus can be risky.

      In an analysis, the firm found that 15 percent of what it classifies as the malware families most favored by cyber-criminals this year were able to run successfully on Windows 8 with Windows Defender on. That translated into 61 of the 385 malware samples the company tested.

      The drop-off in protection with Microsoft’s Windows Defender disabled was dramatic, with 234 of the 385 samples able to run successfully. Of the remainder, 138 failed to run at all, while six ran and crashed and seven were denied elevation of privileges by the User Account Control (UAC) feature.

      The release of the findings comes as Windows 8 gets ready to receive its first Patch Tuesday updates next week, with three of the bulletins rated as ‘Critical’ affecting the new operating system.

      “This is a great improvement over the out-of-the-box security of Windows 7, for instance, where 262 of the 385 samples ran without any problems,” said Alexandru Catalin Cosoi, chief security strategist at BitDefender. “The preinstalled Windows Defender that now ships with Windows 8 makes a difference when it comes to narrowing the impact of malware.”

      In response to the BitDefender findings, Microsoft issued a prepared statement Nov. 9 that it “is committed to providing a trustworthy computing experience and continues to invest heavily in continuously improving our security and protection technologies.”

      According to Cosoi, researchers performed an automated test using three physical machines running Windows 7, Windows 8 and Windows 8 with Windows Defender disabled. The machines booted from a network boot server. The booting process passed system control to a script inside the OS that copied a sample piece of malware from the network FTP server and tried to execute it locally.

      “After the execution attempt, we compared the process and registry differences between the initial state of the machine and the post-execution state to see if the sample that got executed spawned its own process, modified another process and/or created additional registry entries and files,” he explained. “These differences got logged into a database. Then the machine got rebooted to its clean state pending another round of tests.”

      “In order to ensure the optimal conditions for the test, we synchronized the process to execute the same sample at the same time on all three machines,” he added. “Since the process was fully automated, we did not consider zero-day exploits that are usually delivered via browser, Flash or Java. We also did not include malicious non-executable scripts such as PHP files or JavaScript, as they can’t cause direct damage to the PC.”
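
The before/after comparison Cosoi describes can be sketched as a snapshot diff. The following is an added example, not BitDefender's harness: the `Snapshot` structure, the function names, the ignore list and all sample values are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Snapshot:
    """Machine state at one moment (every value below is constructed)."""
    processes: dict    # process name -> frozenset of loaded modules
    registry: dict     # registry value path -> data
    files: frozenset   # file paths present on disk

def diff_snapshots(before, after):
    """List what appeared or changed between clean and post-execution state."""
    shared = set(before.processes) & set(after.processes)
    return {
        "new_processes": sorted(set(after.processes) - set(before.processes)),
        "modified_processes": sorted(
            p for p in shared if after.processes[p] != before.processes[p]),
        "registry_changes": sorted(
            k for k, v in after.registry.items() if before.registry.get(k) != v),
        "new_files": sorted(after.files - before.files),
    }

def sample_ran(delta, ignore=frozenset()):
    """True if any change remains after discarding known harness/OS noise."""
    return any(x not in ignore for items in delta.values() for x in items)

# Constructed clean state and two constructed post-execution states.
CLEAN = Snapshot(
    processes={"explorer.exe": frozenset({"ntdll.dll", "shell32.dll"}),
               "svchost.exe": frozenset({"ntdll.dll"})},
    registry={r"HKLM\SOFTWARE\Example\Version": "1.0"},
    files=frozenset({r"C:\Windows\notepad.exe"}),
)
HARNESS_NOISE = frozenset({r"C:\Windows\Temp\harness.log"})  # test script's own log
AFTER_EXECUTED = Snapshot(
    processes={**CLEAN.processes, "sample.exe": frozenset({"ntdll.dll"}),
               "explorer.exe": frozenset({"ntdll.dll", "shell32.dll", "added.dll"})},
    registry={**CLEAN.registry,
              r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\updater": "x"},
    files=CLEAN.files | HARNESS_NOISE | {r"C:\Users\test\AppData\Roaming\updater.exe"},
)
AFTER_BLOCKED = Snapshot(CLEAN.processes, CLEAN.registry, CLEAN.files | HARNESS_NOISE)

if __name__ == "__main__":
    for label, state in (("executed", AFTER_EXECUTED), ("blocked", AFTER_BLOCKED)):
        delta = diff_snapshots(CLEAN, state)
        print(label, sample_ran(delta, HARNESS_NOISE), delta)
```

Without the ignore list, the harness's own log file would count as a change and every blocked sample would be recorded as having run.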

      The sample set of malware mostly consisted of Trojans, worms, file-infectors and two rootkit-based pieces of malware. Of those, the Trojans performed the best, with almost all of them obfuscated enough to prevent initial detection and some not requiring UAC elevation.

      Despite the percentages, Cosoi argued, Windows 8 users should not be lulled into thinking they have total protection.

      “The test was based on the most advantaging scenario for Windows 8: the OS had UAC and antivirus set to ‘on’, as well as any bad decisions the user may take,” Cosoi said. “We only focused on technical vulnerabilities instead of including ways of getting a system infected by manipulating the user. Windows 8 users should not have the false sentiment of security and should consider a third-party security solution.”
