updated 11:50 am EST, Mon December 24, 2007
Windows Antivirus Failure
The third-party antivirus software for Windows PCs is buckling under the load of advanced security threats, German computer magazine c't reports in its latest issue. A comparison of 17 different antivirus tools show that while a few programs are adept at picking up known trojans viruses, such as AVG and BitDefender, most have seen a degraded ability to recognize malware that does not fit existing patterns. With the exceptions of F-Secure and NOD32, most halved their detection rates of unknown from 40-50 percent in January to just 20-30 percent. This places most Windows PCs at risk of catching a 'wild' virus before the antivirus software firms have a chance to update their signatures to recognize it, c't warns.
These failures are largely attributed to the increasing complexity of the malicious code itself. An increasing number of virus threats are designed to recognize and bypass the most common security programs, rendering behavior-based and traditional detection methods obsolete.
The software is also placing an increasing burden on the host computers, the magazine adds. The operating system's performance is more likely to drop while the antivirus utility runs in the background, while false alarms have increased and led people to believe useful files were viruses. In a separate incident, Kaspersky has accidentally flagged Windows' shell program Explorer as a virus and threatened to quarantine the code. [via Heise UK]