SMB - Webroot: Win Defender lets spyware onto Vista

Users who put their faith in Vista's new security features and Microsoft's Windows Defender antispyware product may find themselves under attack from spyware all the same, according to the results of a study by Webroot, a leading antispyware vendor and Microsoft competitor.

On Thursday, the company released the results of what it claimed was a two-week study of Windows Defender that showed the product missed 84 percent of a sample set of 25 spyware and malicious code samples. The programs that slipped by were a mix of spyware, Trojan horse programs, and keyloggers. While many were not Vista compatible and simply crashed, others were able to install on Vista systems, said Gerhard Eschelbeck, Chief Technology Officer at Webroot.

Technical staff in Microsoft's Security Business Unit weren't able to respond to requests for comment on Webroot's claims.

Eschelbeck identified variants of common malware programs like DollarRevenue Trojan, PeperTrojan, and Playboydialler that made it by Windows Defender. Some of the variants were recently released, though others dated back to 2006, he said. Of the four programs Windows Defender did stop, most were non-malicious adware, he added.

"We wanted to validate the strong claims out of the industry that Vista was going to be a security solution for everybody and everything," Eschelbeck said.

Webroot picked the malicious code samples from tens of thousands of samples collected on its Phileas spyware scanning network. Webroot's Spy Sweeper product spotted all of the samples.