Quote:Many users have known for a long time that they always need to keep their Windows up to date so that cyberattackers will have as few opportunities as possible to launch an assault. But Windows itself has a number of vulnerabilities that only security software can mitigate. Interesting fact: Windows attempts to load DLL files even if they are only referenced in code and the actual file does not even exist. Attackers create these phantom files, including malware code, and make them available to a Windows process. This process becomes an unintentional facilitator of the ransomware or infostealer attack. In the latest Advanced Threat Protection test – ATP test for short – 19 protection products for consumer users and corporate users demonstrate whether they see through all these DLL guises, including malware, or whether they fall for them.

19 security products in the ATP test under Windows 11​

All products were required to demonstrate in 10 real attack scenarios that they identified the malware and were capable of fending it off in further steps. Each additional action is documented in the ATP test and illustrated in the results graphs.

In test lineup were 10 consumer user products from Avast, AVG, Avira, ESET, F-Secure, G DATA, Kaspersky, McAfee, Microsoft and Norton. The solutions for corporate users came from the vendors Acronis, Avast, Bitdefender, ESET, Kaspersky (with two versions), Microworld, Qualys and Trellix. 

In each ATP test, the experts in the lab deploy alternating attack techniques, just as cybergangsters do in real life. In the 10 scenarios involving 5 samples of ransomware and infostealers each, the testers award a specified number of points for the performance of each product. This means up to 3 points for ransomware, and up to 4 points for infostealers. Half points are also awarded if a product is capable of mounting a partial defense against an attack. At the end of the test, each product is ultimately able to earn up to 35 points for its protection score.

Full Report...