The end of antivirus definition updates?



Well, frankly, there has been talk of the end of definition based antivirus scanning for years. You see the achilles heel of any AV scanner is that it has to have signatures of what known viruses look like, so there will always be a reflex window, where there’s a new unknown virus that people are getting infected with before there’s a reaction from the antivirus vendors. The supposed cure for this dillema was hueristic scanning which was supposed to detect things that “looked” like they might be viruses. A noble goal, but along the path it’s proven innefective mostly, either too aggressive and tagging EVERYTHING as potentially viral, or really unnoticable.



There is, however an article at pcmag.com looking at the recent worm bout and noting that several vendors detected exploit attempts without an update. 2 were able to detect 6 out of 6 different attacks without a signature update. They do note that one of these also generates a large number of false positives.

I don’t know if heuristics? (hueristics?) are the answer, they need to keep imroving though because false positives are what prompt people to disable the heuristic scanning. Further, maybe this needs to be a different class of software that analyzes 1)who is running this process, 2) is it automated or running from a user currently logged in 3) if it’s not run by a current user, why is it running? is it something that should run unattended? … maybe this is something that happens at a lower level (the kernel?)

Anyway, we’ll see if this is the end of definition updates (I’m not holding my breath though.)

Related Posts

Blog Traffic Exchange Related Posts
  • Symantec Antivirus Remotely Exploitable Vulnerability This is bad - whose defending the defender? eEye security has a bulletin announced that regards a remotely exploitable vulnerability in Symantec Antivirus 10.x and Symantec Client Security 3.x They say other versions MAY be vulnerable they're waiting for information from Symantec. Now, Symantec is probably the biggest selling antivirus......
  • How to Remove Windows Smart Security (Removal Guide) Windows Smart Security is a rogue spyware application that may fool people into installing and purchasing due to the use of the words Windows and Security in the title. It may fool people into thinking that it is related to Microsoft Windows and perhaps even a part of the operating......
  • How to Remove TRE Antivirus | TRE Antivirus Removal Guide TRE Antivirus is a new entry in the Wini Family of rogue antivirus software. This family includes SoftCop (SoftCop Removal), Softsoldier (How to remove SoftSoldier), ( TrustFighter TrustFighter Removal Guide, TrustSoldier removal guide and the following others... SafeFighter (Safefighter Removal), TrustCop (TrustCop Removal Guide), SecureWarrior (SecureWarrior Removal), SecurityFighter (SecurityFighter Removal),......
Blog Traffic Exchange Related Websites
  • Windows 7 Sales Spike to Overtake Mac OS X [/caption]Proving there is no accounting for taste Microsoft’s latest attempt at a decent operating system, Windows 7, is now running on 5% of the computers online.  The daily average of online users as measured by Internet metrics company Net Applications showed that an increase last week put Windows 7 above......
  • Training for Triathlon Races the Right Way Triathlon races are among the most challenging things people will do in their lifetime. This is true no matter what your athletic level is. This is because you challenge your body to stand up to the abuse from three different sports back to back. Racing in one of the sports......
  • Affiliate Programmes Explained People are often confused by affiliate programmes. This article aims to remove that confusion and make the whole area of affiliate marketing clear and simple. In simple terms, affiliate programmes are a way to get other people to promote your products and services in return for a commission payment.......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site