Some Antivirus Tools Wildly Effective Against Zero-Day Malware
PC Magazine, By Neil Rubenking
A Trojan or other malicious program that's been analyzed by antivirus researchers
is very easy to detect and block. Antivirus programs handle such threats using
a kind of file fingerprint known as a signature. In many cases, a single
well-crafted signature can match a whole family of related malware. The real
problem involves detecting zero-day threats: malware or malware variants that
have never been seen before. In a recent test by AV-Test Institute,
several antivirus tools proved wildly effective against zero-day threats, while
others failed miserably.
To evaluate the effectiveness of each product's zero-day malware protection,
AV-Test's researchers exposed them to newly discovered malware every day for
two months. The samples included executable files, Web-based attacks, and email
threats. They tested all products simultaneously and noted which ones
successfully detected and blocked the malware samples.