Over the course of a year, no anti-virus product has a perfect day

May 30, 2014 13:00 GMT

Research conducted by security company Lastline Labs revealed that no fewer than 49 percent of the anti-virus solutions currently on the market fail to detect and block zero-day malware, meaning that in most cases, computers running such products could be vulnerable to exploits.

Lastline hasn't provided any names, but it said that only 51 percent of the security products it tested actually discovered the zero-day forms of malware. Apps from a total of 47 vendors were included in the research, it said, which means that approximately 23 left computers vulnerable to viruses.

Basically, this issue arises when the security vendor that created the app is slow to deliver new virus definitions to clients running its solution, so the newer the malware is, the greater the chance of your computer being infected.

Lastline says that when no anti-virus solution managed to detect and block the malware on day one, an average of two days was needed to receive the updates that would allow the app to protect computers and discover the infection.

After two weeks, detection rates were up to 61 percent, which according to Lastline is proof that in many cases, the lag time for AV vendors is a serious issue that could affect customers.

What's more, during the course of one year, no anti-virus solution had a perfect day, which means that each of the products involved in the research had at least one day when it failed to detect the zero-day malware.

“On any given day, according to Lastline Labs’ analysis, much of the newly detected malware went undetected by as much as half of the AV vendors. Even after 2 months, one third of the AV scanners failed to detect many of the malware samples,” Lastline said in the research.

“By averaging the daily detection rates, we are able to plot the pace at which the AV scanners catch up with the malware. The least-detected malware - that is the malware in the 1-percentile 'least likely to be detected' category - went undetected by the majority of AV scanners for months, and in some cases was never detected at all.”

The results pretty much speak for themselves. Anti-virus protection is effective in some cases, but in many it is not. Additional security programs that protect users' computers could come in handy when dealing with zero-day malware, but it is up to the user and to the security company itself to implement such technologies in app suites designed to block malware and other malicious attempts.