(MoneyWatch) Using up-to-date anti-virus software is the cornerstone of computer security, not to mention simple common sense. Or perhaps not. A recent study by security research firm Imperva startlingly concludes just the opposite: Anti-virus software is so universally ineffective that it's just a waste of money.
In the study, which was conducted by the University of Tel Aviv in Israel, 40 anti-virus products were tested against 80 fresh, uncatalogued threats from malicious software code. What percentage of this malware did the anti-virus technology initially detect? Nearly zero.
The study then assessed if the 40 products got any better at detecting these threats over time, as their databases were updated. They were all re-tested over a span of weeks, but the anti-virus software showed little improvement. It took an average of four weeks for malware to become detectable, and overall performance remained quite low. In particular, a dozen poorly detected malware files were still not detected by half of the products even weeks later.
Drawing on these results, the Imperva study does recommend a pair of free antivirus products -- Avast and Emisoft -- over commercial products, though the firm does point out that these programs are particularly susceptible to false positives.
So what does this mean for your computer security planning? Certainly, it shouldn't signal an end to your use of anti-virus software, and even Imperva does not recommend eliminating anti-virus tools from your security toolkit. Moreover, this is a single study, and there are questions about its validity. Kaspersky Labs, whose own anti-virus product was included in the study, had this to say about the testing methodology:
[There is a] significant drawback in Imperva's testing methodology which makes it impossible to take these test results seriously. When scanning for potentially dangerous files, the Virus Total service used by Imperva's specialists does not use the full versions of antivirus products, but merely relies on a standalone scanner. This approach means that the majority of protection technologies available in modern antivirus software are simply ignored. This also affects proactive technologies designed to detect new, unknown threats.
We've long recommended anti-malware software -- commercial or free -- and continue to say that any protection is better than none, as long as it's consistently updated.