How important are updated virus definitions?

Discussion in 'malware problems & news' started by psaulm119, Feb 9, 2006.

Thread Status:
Not open for further replies.
  1. psaulm119

    psaulm119 Registered Member

    Joined:
    Aug 29, 2003
    Posts:
    36
    Recently, while talking to a rep from the company that services our school's laptops, I heard a statement that I hadn't heard before. Their rep was telling me that NAV 2005, which runs on some of our computers, updated last at the end of December 05 (when the subscription ran out), would be more than adequate as an av defense for some of our computers that are used to get online. He was saying that the chances of getting infected by a virus that isn't in the definitions file are rather slim.

    This really goes against the grain of what I have been led to believe. I would have thought that even a freeware av app with updated definitions would be better than a pro version that hasn't been updated in a while.

    Is this true?

    Perhaps another way of expressing this question is to wonder what percentage of viruses in the wild are new (say, created in the last month or two or three) as opposed to the older ones that would be in a 6-month-old definitions file.

    Any takers?
     
  2. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,755
    Location:
    Texas
    One opinion on keeping your antivirus program updated here.
     
  3. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    An AV should always be kept updated as threats & other nasties appear every day. It's really important to keep your AV up-to-date, regardless of what other people say. And that's a fact!
     
  4. Brian N

    Brian N Registered Member

    Joined:
    Jul 7, 2005
    Posts:
    2,148
    Location:
    Denmark
    In the old days where threats weren't so common as they are today, you could pull it off - Even I only updated my AV 2 times a month. But these days you can't do that (well you can, but I won't recommend it).
     
  5. psaulm119

    psaulm119 Registered Member

    Joined:
    Aug 29, 2003
    Posts:
    36
    Thanks for the replies. The Kaspersky article was rather informative. I'd never seen the argument outlined (about the increasing speed of infestation of the newer threats) and of course it increases the need for updated definitions (because an infected computer can now cause much more damage).
     
  6. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,097
    Well, since the article and replies did not mention it, the updates are only required to be up-to-date in a signature-based AV. There are other AV engines that are primarily heuristic in nature and do not work on the basis of signatures per se that the signature-based AVs use.

    With a signature-based AV, you are only protected up to and including the latest known signatures. The new-kid on the block virus signature is not known until a certain time period after its first release. That is when the signature-based AVs are not able to protect your computer from the new-kid on the block virus.

    With a heuristic-based AV, you may have at least a chance of protecting yourself from the new-kid on the block virus.

    One interesting AV signature/heuristic combination is Gdata AVK Pro which uses the engines from both Kaspersky and BitDefender. Not having used this, I cannot comment on it, however, it would be interesting to see a comparison of Gdata AVK Pro vs KAV and BitDefender used on one machine against a slew of viruses. It probably all boils down to which products get the latest updates as to who would come out for the better in such a comparison.

    -- Tom
     
  7. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    I personally like Norton Antivirus, but if it is not updated or other AV's not updated they are next to worthless in a very short time without new definitions. Heuristics help but do not take up the slack for lack of updates.
     
  8. psaulm119

    psaulm119 Registered Member

    Joined:
    Aug 29, 2003
    Posts:
    36
    Thanks for that perspective, Lotus and bigc. I've never looked into the heuristics vs. definitions question. Like everything in computer security, it's a matter of layers and each layer can help, regardless of how important. I'll have to research that some more, tho.
     
  9. webyourbusiness

    webyourbusiness Registered Member

    Joined:
    Nov 16, 2004
    Posts:
    2,640
    Location:
    Throughout the USA and Canada
    I partially agree with bigc - heuristics are a very important part of a rounded approach to AV technologies - they provide zero-day protection in many cases, i.e., they can detect minor variations of known threats, or threat classes that have a known behavior type.

    However, updates are ESSENTIAL in today's ever changing landscape of threats... you can't do without them, and for any AV rep to tell you that you can, is simply ludicrous in my opinion.

    In a school setting - worse still - again, in my opinion...
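
The trade-off discussed in posts 6 and 9, as an added example that is not part of the original thread: a toy scanner compares exact-match signatures with a similarity heuristic when definitions are frozen at the end of December 2005 versus current. The samples, feed dates and function names are all constructed for illustration, and SHA-256 matching with n-gram similarity is a simplified stand-in for what real engines do.

```python
import hashlib
from datetime import date

# Constructed, harmless byte strings standing in for files (not real malware).
FAMILY_A_V1 = b"HDR|family-a|loader|stage=1|marker=AAAA1111"
FAMILY_A_V2 = b"HDR|family-a|loader|stage=1|marker=BBBB2222"  # minor variant
FAMILY_B = b"totally-different-structure::xyz::0987654321"      # new family
CLEAN = b"Quarterly attendance report for the school office"

# Constructed signature feed: (vendor release date, sample it covers).
FEED = [
    (date(2005, 11, 15), FAMILY_A_V1),
    (date(2006, 1, 20), FAMILY_A_V2),
    (date(2006, 2, 5), FAMILY_B),
]

def definitions_as_of(cutoff):
    """Samples known to a scanner whose last update was on `cutoff`."""
    return [sample for released, sample in FEED if released <= cutoff]

def signature_scan(data, known):
    """Exact-match signature: detects only byte-identical known samples."""
    digests = {hashlib.sha256(s).hexdigest() for s in known}
    return hashlib.sha256(data).hexdigest() in digests

def ngrams(data, n=4):
    return {data[i:i + n] for i in range(len(data) - n + 1)}

def heuristic_scan(data, known, threshold=0.5):
    """Toy heuristic: Jaccard similarity of 4-byte n-grams to known samples."""
    grams = ngrams(data)
    for sample in known:
        union = grams | ngrams(sample)
        if union and len(grams & ngrams(sample)) / len(union) >= threshold:
            return True
    return False

def verdicts(cutoff):
    """Map each sample name to (signature hit, heuristic hit) for a cutoff."""
    known = definitions_as_of(cutoff)
    files = {"a_v1": FAMILY_A_V1, "a_v2": FAMILY_A_V2,
             "b": FAMILY_B, "clean": CLEAN}
    return {name: (signature_scan(d, known), heuristic_scan(d, known))
            for name, d in files.items()}

if __name__ == "__main__":
    for cutoff in (date(2005, 12, 31), date(2006, 2, 9)):
        print(cutoff, verdicts(cutoff))
```

With the stale definitions the heuristic still flags the close variant of the known family, but the unrelated new family gets past both checks until the feed is updated.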
     
  10. Pela

    Pela Registered Member

    Joined:
    Apr 7, 2006
    Posts:
    1
    Updating virus definitions is the most important thing which you should do with your antivirus program. :ninja: :ninja: :ninja: :ninja:
     
  11. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Agree... updating your anti-virus is vital. Of course heuristics play an important role, but they are also delivered through updates. :D
     