Attackers introduce new malware on a daily basis. Eugene Kapersky, of Kapersky Lab, reports that there are currently around 360,000 new virus, Trojan, and other malicious files processed by Kapersky’s detection technologies every day. That represents a dramatic increase from just a few years ago. Today’s malware creators commonly use automated tools to craft new malware threats by automatically making small changes to existing malware. Essentially, the signature database downloaded last week can’t protect you from new threats that have emerged this week. If you update your antivirus or anti-spyware software only once a week, you could potentially be vulnerable to many new threats that attackers launched since you last downloaded the malware signature database.

When an attacker releases a new malware instance, the race against the clock begins. From the beginning, heuristic-based software may detect the activity and identify the software as malware. If the attacker designed a clever malware program, it could fool heuristic-based tools. Signature-based anti-malware tools will not identify this new threat until a signature for the threat is added to a signature database.

The largest number of potential victims occurs during a zero-day attack. A zero-day attack is malware that is actively exploiting an unknown vulnerability and one or more of the following is true:

• The malware’s actions have not been noticed and the vulnerability has not been discovered.

• The malware’s actions have been noticed but not identified as an attack.

• The malware and the vulnerability have been identified but no fix is available yet.

Organizations that produce anti-malware software strive to stay up to date on emerging threats, create rules and signatures to identify new threats, and develop mitigation actions for each threat. Each of these steps takes time. By the time a new signature database is released, several days or weeks could have elapsed since the malware was on the rampage. Because brand-new signature databases are several days behind zero-day attacks, it is vitally important that your anti-malware software and data be kept as current as possible.

Most antivirus and anti-spyware software have an option to automatically update the software and data. Ensure that you have enabled the automatic update option and have selected the minimum reasonable update frequency. Frequent updates will help keep your protection from malware at its highest level.