Print
Discuss
Send to friend
RSS feedsDelays in developing updates for anti virus software leave computers without protection sometimes for several days at a time.
IronPort Systems, a company that monitors networks and puts suspect emails in to quarantine, has released a report showing the delay between known outbreaks and protection being issued by anti-virus software makers.
On average it took anti virus companies 17 hours to produce protection known in the trade as signatures. Signatures are electronic photo-fit descriptions of viruses, used by anti-virus filters to spot and develop protection from the threats.
The time it takes to develop a signature depends on the virus involved and the mutations it goes through. By analysing data from its email traffic monitoring network, the company said that one variant of the MyDoom virus took 28 hours before a virus signature was issued via updates to anti-virus software.
Variants of the Bagle Virus took anti virus vendors a total of 79 hours and 25 minutes (three days) to get to grips with. Variants of the MyDoom Virus took them a total of 133 hours and 52 minutes (six days) to release a patch for.
But worse news of all for computer users was the different versions of the MyTob Virus. IronPort said this proved the biggest challenge for anti virus software developers to tackle, with patch development taking a total of 496 hours and 16 minutes (21 days.
Jason Steer of IronPort said even the normally short time it takes the anti virus companies to develop a defence, enables virus writers to introduce subtle changes to their creations.
This means that standard anti-virus updates may not be sufficient to detect threats. An example was the May 2004 Sasser worm, which raced across the world in minutes.
This end-of year report follows on from the one IronPort released mid-year first highlighting the issue. However, Andy McKeown of anti virus software maker Panda told Computeractive that there will always be delays – known in the industry as reaction times – before viruses can be stopped.
He said: "It depends on how quickly we can get a sample of the virus, but the idea is to get the reaction time as low as possible, which we are working on."
In the meantime, he added, Panda and other companies now distribute software that prevents viruses by analysing computers' behaviour and stopping suspicious activity.
Mr Steer said that while people can’t afford to rely solely on traditional anti-virus protection they can do more to protect themselves. People should never open attachments in emails unless they are expecting something.
For viruses that don’t require clicking on an email to download, installing a good firewall will add extra protection.
All Bugs, Patches & Fixes
del.icio.us
Digg this
reddit!
