I read a disturbing article on Tech Republic about how the advent of polymorphous and encrypted malware programs are making traditional signature based anti-virus products ineffective. Basically, malware writers are using sophisticated encryption techniques to keep their products from being detected, and are writing them in such a way that the encryption key is unique for every computer that it installs itself on.
Traditional anti-virus programs rely on something called signatures. A signature is basically a uniquely identifying traits that make a particular malware program identifiable by the anti-virus software, so the AV software can remove the malware. If every malware installation is unique, a signature will not be able to detect it.
Fortunately, most Internet Security Suites contain multiple products, many of which are not dependent on recognizing a signature, but work by noticing the behavior of a program and blocking or disabling the program that exhibits the behavior of malware. None the less, the bar has been raised, and this makes it more important than ever to keep the malware OFF your computer in the first place.Share