Testing Reveals Security Software Often Misses New Malware

This article is based on the NSS labs endpoint protection test.

http://www.pcworld.com/article/1993...are_often_misses_new_malware.html?tk=rss_news

http://nsslabs.com/host-malware-pro...int-protection-product-group-test-report.html

 

Interesting, this has been known for a while though. Personally I don't think this is a alarming wake up call, when I come and find malware samples I normally take some time and send it to the vendors and other security tool sites. The problem is most of the time people don't submit malware to vendors which is really why it takes a while.

 

from 2nd link

Sigh, monetise

 

Considering the highest percentage on the latest av-c proactive test was 60 something percent, this is somewhat obvious.

 

can't say I have been ever asked to clean a machine infected with stuff that was not in the installed AV products database,never known anybody to be compromised by a "zero day" threat:-the main problem isn't detection of new threats(undetected new threats!)but users not keeping their products up to date,so old "already detected" threats are then the main problem because of the prevalence of these compared to the rarity of the new stuff

 

Sure, when you cleaned the machine it was in the database. But, considering that any decent AV will autoupdate these days, how do you think the threat got on the machine in the first place?

Answer: It wasn't detected at the time of infection.

 

Lol, so why even bother using anything. Seriously. I mean spend money on something that stands a 50/50 chance of working. Something is going to have to give soon or vendors are going to fall so far behind this war, they fall off the earth.

Still say something like ShadowDefender is one of the few ways to beat most of this.

 

Finally you realise?

And if Shadow Defender is the same as Returnil on 64-bit, it's not "sufficient" protection apparently

 

You don't need to spend money.. MSE with LUA and Applocker/SRP will protect you well... I guess.

 

Look at my setup, it is composed entirely of freeware and system hardening

 

Where?? What setup ?

 

https://www.wilderssecurity.com/showpost.php?p=1697840&postcount=8976
The thread sure was popular.

 

Now i see

That's quite the list. I betcha a year from now you'll be only runnin Sandboxie & Iron Chrome

 

This facts about anti virus applications are the reasons why I don't expect
the anti virus that I use to protect me at all. Realizing that they are almost
worthless on real time is what pushed me on learning and using Sandboxie
and DefenseWall. Products like those two are great against Zero day threats.
I use to do a lot of scanning but not any more because they always come
up clean, since I started using them.
Bo

 

nope:-most machines that are infected are either set to manual update or have an expired licence:-hence no updates
The biggest problem in recent times has been the tdss rootkits:-not because it was "new"(far from it)but because no product protected or cleaned it for ages,very new or zero day threats are not the biggest problem,or even a big problem

 

Agree with some people here
Most malware that get through all my relatives/friends pc's are old malware or i mean detected things
(Yeah i fix lots of PC's for free, maybe it's my hobby but sometimes it gets very tiresome)

 

I seriously thought with LinkScanner & Sana BB tech integrated, AVG would cream real-world tests. But in reality AVG seems to have gone the CA way; Absorb potent companies and then just drain them.
AVC, AV-Test and now NSS all dynamic tests point to the same. Such a shame.

 

The writer(s) didn't realize the fact that's stated in the header till now? Wow, they're years after every active member of this forum.

 

I found this link posted in the comments to an article on a Swedish IDG site wich goes strait to this $400 test.
http://www.datastar.com.tr/trendmic...ort--Consumer-FINAL-AuthorizedReprint0923.pdf

And if one scrolls down one can see the amount of hours the vendors need before they start blocking malware sites.

 

While historically interesting, note that the results are based on the 2009 editions of the tested products, and thus are out-of-date.

 

I know, but this is indeed the test that they were talking about in the article in wich I found this link in the comments. Wich is the same test that PCWorld are writing about on the link in post 1 in this thread.

But I don't think that the time of blocking malware sites has increased or decreased so much from last year actually

 

Also the number of vendors was too limited.