Friday, August 14, 2015

McAfee & Symantec... asleep at the wheel

Remind me again how we block malicious macros in Microsoft Office files. Attachment blocking? Nope... not if it's an MS Office file. Antispam signatures? Kinda... but not 100% effective. Antivirus? Well... that's what we've put our trust in for the last decade. Good decision? Consider the following:

- Email traversing the internet this morning with a subject of "invoice" and an attached Excel file:



- Per this Websense File Sandbox Report, the file modifies 53 registry settings and downloads an executable from a recently compromised site. In fact, the download is from a valid government site for the City of Noale, Italy, that has recently been compromised. Quick question/test: would your web filtering solution block that HTTP connection? :-)

- Lastly, and as is so often the case, the vendors who command such a premium for reactive signature-based AV solutions (McAfee and Symantec) are again MIA. Would it, therefore, make sense to reduce your AV budget by purchasing from one of the vendors referenced below, and then reapply those savings towards an advanced security solution?
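
The attachment-blocking question above, as an added example that is not part of the original post: rather than blocking every Office file by extension, a mail gateway can inspect attachment content and flag only the macro-capable ones. The function names, verdict labels and sample message are constructed for illustration; the `.xlsm` sample holds placeholder bytes, not real VBA.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls/.ppt container

def classify_attachment(data: bytes) -> str:
    """Classify by content, never by file name or extension."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary Office formats can carry VBA; without a full OLE
        # parser the gateway cannot rule macros out, so flag them.
        return "ole-legacy"
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            names = [n.lower() for n in z.namelist()]
        if "[content_types].xml" in names:  # marks an OOXML package
            macro = any(n.endswith("vbaproject.bin") for n in names)
            return "ooxml-macro" if macro else "ooxml-clean"
    return "other"

def scan_message(raw: bytes) -> list:
    """Return (filename, verdict) for every attachment in a raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    return [(p.get_filename(), classify_attachment(p.get_payload(decode=True) or b""))
            for p in msg.iter_attachments()]

def _constructed_ooxml(with_macro: bool) -> bytes:
    """Constructed stand-in for a workbook; the VBA part is placeholder bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("xl/workbook.xml", "<workbook/>")
        if with_macro:
            z.writestr("xl/vbaProject.bin", b"placeholder, not real VBA")
    return buf.getvalue()

def build_sample() -> bytes:
    """Constructed message with subject 'invoice' and three attachments."""
    msg = EmailMessage()
    msg["Subject"], msg["From"], msg["To"] = "invoice", "a@example.com", "b@example.com"
    msg.set_content("See attached.")
    for name, data in [("invoice.xls", OLE_MAGIC + bytes(504)),
                       ("invoice.xlsm", _constructed_ooxml(True)),
                       ("report.xlsx", _constructed_ooxml(False))]:
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    print(scan_message(build_sample()))
```

A gateway policy could quarantine the `ole-legacy` and `ooxml-macro` verdicts for sandboxing while delivering `ooxml-clean` files normally.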

