How Secure Is OneCare?
So all of the new features and high-production-values interface features are nice, but what about virus-killing performance? What about spyware? I am happy to report that OneCare is very sensitive to ActiveX controls – one of the most common entry points of viruses, spyware, and malware onto Windows computers. Here you can see OneCare detecting a malicious ActiveX control before it is installed:
OneCare Nabs A Virus
Windows OneCare also automatically froze and closed the Internet Explorer window that contained the malicious ActiveX control prior to cleaning it.
The Test
To better test OneCare’s resilliance, we conducted an exposure test. Below is a list of threats tested on OneCare and its response to these threats.
Threat | Windows OneCare Live |
Exploit:JS/Msdds.A (Virus) | Detected, Cleaned |
YourSiteBar (Spyware) | Did Not Detect |
TrojanDownloader:Win32/Small.ADR (Virus embedded in JPEG) | Detected, Cleaned |
Gator (Spyware) | Did Not Detect |
Mirror_plugin.exe (Spyware) | Did Not Detect (Blocked outgoing network traffic) |
Oddly, OneCare did not seem to be detecting Spyware. It is possible that this pre-release build did not include spyware definitions, however in its current state, you will want to keep your anti-spyware software around (we recommend Microsoft AntiSpyware – a download from Microsoft).
On the other hand, OneCare did a very nice job of detecting browser-based threats, including a trojan based on a buffer-overflow exploit in the JPEG file format, an impressive catch. Also OneCare was able to shut down IE automatically, preventing the threat from breaking through, a nice touch.
