Linked by Thom Holwerda on Mon 4th Jun 2012 19:28 UTC
Windows "Microsoft's Windows 8 will activate its built-in antivirus software only if it senses that the PC is not protected by another security program, according to AV vendor McAfee." That's one way to appease antivirus companies, I suppose.
Thread beginning with comment 520811
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Hm?
by bassbeast on Tue 5th Jun 2012 03:50 UTC in reply to "Hm?"
bassbeast
Member since:
2007-11-11

I'm sorry Werecat but as a small shop owner while I use MSE myself on my gamer machine (because that's all it does and the only time I use the browser at all is when its sandboxed) I'm afraid as an AV that MSE leaves quite a lot to be desired.

For example, I bet you've never seen MSE block a website that has malicious code on it have you? me neither, in fact on an XP test box I have at the shop i tried sites I knew had drivebys just to see if MSE would raise a fit and it wouldn't. It seems to be great for detecting downloaded bugs, but how many bugs these days come from downloading infected .exe files anyway?

That is why I give my customers Comodo or Avast, as both have automatic sandboxing and both do scan before load on web pages, although lately I've been leaning towards Comodo as Avast has gotten too "chatty" with their plugs for other services. But with both I've yet to see a bug where the user didn't actively ignore it (such as the brainiac that disabled Comodo so he could install "the new Limewire' which of course was just a malware payload labeled limewire) but I have seen browser bugs get past MSE, especially if they had an out of date Java or Flash installed.

While I'm glad it works for you, and again on my gamer machine I do use it myself because I know what to watch out for, I'd strongly suggest keeping vigilant when using MSE on a day to day machine and the occasional scan from Trend Micro's online Housecall wouldn't be a bad idea. Remember that MSE wasn't even an AV originally, it was Giant antispy before being bought and rebranded by MSFT. It still does great against spyware, against browser bugs and drivebys? Not so much, at least from what i have seen.

Reply Parent Score: 4

RE[2]: Hm?
by WereCatf on Tue 5th Jun 2012 05:07 in reply to "RE: Hm?"
WereCatf Member since:
2006-02-15

For example, I bet you've never seen MSE block a website that has malicious code on it have you?


I do admit that the answer is no. But then again, I don't visit such websites anyways.

me neither, in fact on an XP test box I have at the shop i tried sites I knew had drivebys just to see if MSE would raise a fit and it wouldn't.


If that is true then it is indeed quite a big shortcoming, though MSE is designed to go hand-to-hand with IE so most Joe Blows will likely be quite fine. I would try this myself but I'm not aware of any website to try with.

Gonna make a Windows - installation in a VM and try to find some driveby to try with.

Reply Parent Score: 2

RE[2]: Hm?
by n4cer on Tue 5th Jun 2012 13:57 in reply to "RE: Hm?"
n4cer Member since:
2005-07-06


For example, I bet you've never seen MSE block a website that has malicious code on it have you? me neither, in fact on an XP test box I have at the shop i tried sites I knew had drivebys just to see if MSE would raise a fit and it wouldn't. It seems to be great for detecting downloaded bugs, but how many bugs these days come from downloading infected .exe files anyway?



On my work computer (running Windows 7), I've actually had MSSE block malicious javascript from running while I was looking for product info about a customer's Android phone. It also stopped a trojan dropper embedded in (or disguised as) an mp3 file.

Reply Parent Score: 5

RE[3]: Hm?
by WereCatf on Tue 5th Jun 2012 15:39 in reply to "RE[2]: Hm?"
WereCatf Member since:
2006-02-15

I had to Google around for a while to find some infected website with a driveby, but yes, I finally found a few myself, too. MSE did pop up and warn about them so I have to guess that the reason why bassbeast's MSE didn't is because he was running Windows XP; I tried with Windows 7 in a VM and so far it's still clean and MSE works as expected. Oh, and yes, it does catch javascript - attacks, too.

As such I am still going to continue recommending MSE to people.

Reply Parent Score: 5

RE[2]: Hm?
by WorknMan on Tue 5th Jun 2012 18:14 in reply to "RE: Hm?"
WorknMan Member since:
2005-11-13

ut I have seen browser bugs get past MSE, especially if they had an out of date Java or Flash installed.


Flash (and optionally adblock) should be blocked by default on every browser, and only whitelisted when necessary. And who the hell installs Java anymore? ;)

Reply Parent Score: 1

RE[3]: Hm?
by darknexus on Tue 5th Jun 2012 20:48 in reply to "RE[2]: Hm?"
darknexus Member since:
2008-07-15

And who the hell installs Java anymore? ;)


OEMs, unfortunately. Most users do not install it, it comes preloaded. I have seen Toshiba, Fujitsu, Asus, and HP computers come with an outdated Java preloaded on these machines and in the recovery image.

Reply Parent Score: 3