The end of antivirus definition updates?
Well, frankly, there has been talk of the end of definition based antivirus scanning for years. You see the achilles heel of any AV scanner is that it has to have signatures of what known viruses look like, so there will always be a reflex window, where there’s a new unknown virus that people are getting infected with before there’s a reaction from the antivirus vendors. The supposed cure for this dillema was hueristic scanning which was supposed to detect things that “looked” like they might be viruses. A noble goal, but along the path it’s proven innefective mostly, either too aggressive and tagging EVERYTHING as potentially viral, or really unnoticable.
There is, however an article at pcmag.com looking at the recent worm bout and noting that several vendors detected exploit attempts without an update. 2 were able to detect 6 out of 6 different attacks without a signature update. They do note that one of these also generates a large number of false positives.
I don’t know if heuristics? (hueristics?) are the answer, they need to keep imroving though because false positives are what prompt people to disable the heuristic scanning. Further, maybe this needs to be a different class of software that analyzes 1)who is running this process, 2) is it automated or running from a user currently logged in 3) if it’s not run by a current user, why is it running? is it something that should run unattended? … maybe this is something that happens at a lower level (the kernel?)
Anyway, we’ll see if this is the end of definition updates (I’m not holding my breath though.)
Popularity: 1% [?]
Related Posts - More Fake security sites More sites that claim to be windows security center or the like are popping up... a list: securitycaution(dot)com dnserror404(dot)com todaywarnings(dot)com updatesystempage(dot)com yoursecuritysystem(dot)com From sunbeltblog. There's a post at sysinternals about the bogus security software that's out there. Spyaxe, among others, pose as "antispyware software" and bring along more problems than......
- Network Security guide for the home or small business network - Part 3 - Antivirus Ok, the first two entries thus far, hardware firewalls and software firewalls have been fairly operating system independant. A hardware firewall is best, but if that's not possible a software firewall will do until you get a hardware firewall setup. This next item is (currently) a must have for Windows......
- How to Remove Windows Smart Security (Removal Guide) Windows Smart Security is a rogue spyware application that may fool people into installing and purchasing due to the use of the words Windows and Security in the title. It may fool people into thinking that it is related to Microsoft Windows and perhaps even a part of the operating......
Related Websites - Instant Profit ATM Review Hello there, thanks for visiting this evaluation. Right now I will be reviewing Instant Profit ATM. Right, what is it? Well, to put it in simple terms, let's look at the publisher's brief description: - Ex Homeless Drug Addict Figures Out How To Make $200 Whenever He Damn Well Pleases!......
- Training for Triathlon Races the Right Way Triathlon races are among the most challenging things people will do in their lifetime. This is true no matter what your athletic level is. This is because you challenge your body to stand up to the abuse from three different sports back to back. Racing in one of the sports......
- Windows 7 Sales Spike to Overtake Mac OS X [/caption]Proving there is no accounting for taste Microsoftâs latest attempt at a decent operating system, Windows 7, is now running on 5% of the computers online. The daily average of online users as measured by Internet metrics company Net Applications showed that an increase last week put Windows 7 above......
Similar Posts
- js/exploit packed.c.gen
- Grisoft AVG Antivirus 7.5 on Windows XP False Positive that HURTS
- Trojan horse proxy.ahiy and AVG
- AVG antivirus false positive
- MS05-053 Microsoft Windows Image Viewing Vulnerability