To conduct this test, NSS Labs took 123 common and already public exploits (many have been public for awhile, some years even) and tested them against a selection of the leading anti-virus vendors: AVG, Norman, ESET, Panda, F-Secure, Sophos, Kaspersky, Symantec, McAfee, and Trend Micro.
The results are dismal and, according to NSS Labs, reveal that about 75 percent of organizations are not adequately protected.
How unprotected?
Well, the average protection score was 76 percent against the original exploit and 58 percent for a similar or alternative exploit. Note these exploits were not obfuscated in any way, according to NSS Labs. So many attacks in the real-world would even be more successful.
In baseball, a 76% average would be outstanding. When protecting your data: not so much.
But when one looks beneath the averages the results are even worse. Only one vendor, the highest ranked, stopped all exploits thrown at it. The lowest ranked vendor didn't even manage to stop 70 percent of the exploits thrown at it.
Symantec, according to the report, only managed to stop 71 percent of the exploits thrown at it.
These just aren't acceptable results. So not only are software vendors not investing enough to develop applications that will keep your data safe, but neither are most of the vendors that purport to protect you.
For my security and technology observations throughout the day, find me on Twitter.