Only 16 of the 24 products pitted against the test passed, while eight fell short owing to missed malware samples or false positive returns.
Most of the major vendors, including McAfee, Symantec, Microsoft and Sophos, were able to pass the test. However, several others, including F-Secure, Kaspersky and Computer Associates, fell short of the certification.
Other firms failing the test included Redstone, Avira, Microworld, Quick Heal and ArcaBit, whose ArcaVir product missed 93 samples and returned three falsitives.
In order to pass the test and receive VB100 certification, a product must be able to identify all 100 pieces of malware without returning any false positives for uninfected files.
CA's eTrust software missed one item from the malware list, while F-Secure and Kaspersky each returned one false positive.
Conspicuously absent from the latest VB100 test was Trend Micro. The company pulled out of the tests following a failure in April.
Critics of the test suggest that the system is antiquated and relies too heavily on signature-based testing, which checks for known malware samples, rather than more recently-developed heuristic, or behaviour-based, methods that can catch new or unknown malware.
.png&h=140&w=231&c=1&s=0)
.png&w=120&c=1&s=0)
EDUtech AU
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Integrate Expo 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
