OneCare malware detection update

There’s been lots of talk about Windows Live OneCare in the last two weeks, particularly around its poor detection rate in some recent malware tests. On Thursday the OneCare team respond on their team blog, though while it’s good for Microsoft to come out and address these issues, the response time has just been too slow for there to be a meaningful impact.

As was explained to us when we talked to the OneCare MVPs this week, the tests which questioned OneCare’s detection rate were primarily looking for variants of older malware, which for most users will not pose any major threat. In contrast the OneCare team has been concentrating on detecting the newer and more active malware for its v1 and 1.5 products. While the reasoning behind this is logical, this is definitely an issue that now needs to be addressed by the team. (The recent performance of the OneCare anti-malware engine has been discussed in more details on the Microsoft anti-malware blog.)

What doesn’t help the OneCare team are comments made to ZDnet by Arno Edelmann, Microsoft’s European business security product manager. Edelmann is quoted as saying that that “usually Microsoft doesn’t develop products, we buy products. It’s not a bad product, but bits and pieces are missing…OneCare is a new product — they shouldn’t have rolled it out when they did, but they’re fixing the problems now.” While I’d disagree that Microsoft’s best products are all purchased (Messenger and Spaces come to mind for Windows Live), this is definitely not the way to reassure consumers already running OneCare. Microsoft doesn’t have the greatest record when it comes to security and in this case Arno should have followed the Sinofsky lead and kept quiet instead of compounding the issue.

Looking ahead to the OneCare 2.0 beta expected to begin in April, the most interesting feature rumored so far is undoubtedly the ability to backup to the cloud, something we suggested early last year. It’ll be interesting to see if and how this ties in with the skydrive, the cloud storage service Ray Ozzie has mentioned previously. With Windows Live moving into wave 2, replication should be one area with some exciting developments.