Jump to content

Recommended Posts

  • Most Valued Members
Posted

Hi there

I was just wondering the other day if virus signatures are ever deleted? As definitions are updated daily, I've seen some worry that definitions could become too big. Some due to this prefer whitelisting but it has its flaws. So I was curious if signatures ever get deleted e.g. if a virus is extremely old, possibly designed for a system no longer used or a version of an operating system no longer supported etc. 

From the basics that I do know, some signatures are sometimes merged together e.g. signatures based on the same or similar virus but that's all I know.

  • Administrators
Posted

Yes. Especially trivial detections are replaced with more sophisticated ones that can cover many more variants of the malware.

  • Most Valued Members
Posted
1 hour ago, Marcos said:

Yes. Especially trivial detections are replaced with more sophisticated ones that can cover many more variants of the malware.

What about old malware e.g. something from 10, 20 years ago. Do AVs need to protect against these in the chance someone is infected 

  • Administrators
Posted
6 minutes ago, peteyt said:

What about old malware e.g. something from 10, 20 years ago. Do AVs need to protect against these in the chance someone is infected 

We keep detections even for very old DOS (com) viruses.

  • Most Valued Members
Posted
On 4/19/2019 at 10:44 AM, Marcos said:

We keep detections even for very old DOS (com) viruses.

Nice to know. Hypothetically could a database ever become too large due to the amount of signatures or does the fact that one signature can cover multiple variants prevent this 

  • Administrators
Posted
13 hours ago, peteyt said:

Nice to know. Hypothetically could a database ever become too large due to the amount of signatures or does the fact that one signature can cover multiple variants prevent this 

It would take probably dozens of years for the engine to increase significantly. However, with technical advance and development also the limits change and the standard for hw configurations improves so a 100MB engine in let's say 5-10 years won't be a problem if an average amount of installed memory in office computers reaches 128 GB for instance.

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...