Every now and then I come across an article or blog posting arguing that Anti-Virus software is near useless and shouldn’t be bothered with because it can only protect you against known threats and not emerging threats. First of all, modern Anti-Virus software, better called Anti-Malware these days, generally does provide some protection against emerging threats. More importantly, the threats users are most at risk from are the known threats, not the emerging threats. Put this in human terms. Do you skip the vaccines for Polio, Tetanus, Pneumonia, H1N1, etc. because they don’t protect against Ebola? Or a new swine flu virus? No. So you don’t want your computer protected from Conficker (a family of Worms that has been with us since 2008 and remains a major threat) or other known threats because somewhere in Russia, or China, or Peoria a hacker is about to release a piece of malware that won’t be blocked by your anti-malware software’s current signatures or other protections? Really?
The vast majority of threats on the Internet are known threats. Mostly they’ve been known about, and protected against, for years. They lurk on websites, file shares, email archives, and offline copies such as USB keys and DVDs waiting for an unprotected user to activate them. And the vast majority of new threats become “known threats” rather quickly and are thus “contained” by anti-malware software.
Keep in mind that, like communicable human disease, computer malware doesn’t appear everywhere all at once (although there are exceptions, like SQL Slammer, which spread incredibly quickly in the primitive security environment that was in place in 2003). Thousands of machines might be infected by a new piece of Malware before it is discovered and Anti-Malware vendors update their products to block it. But there are 1.3 Billion PCs in the world (plus the 500+ Million very vulnerable Android devices out there). What are the odds that YOUR PC will be infected by a new piece of Malware before your Anti-Malware vendor updates their signatures? You should worry far more about lightning.
Unless of course you don’t have Anti-Malware software with real-time protection on your machine. Then your odds are more like standing in the middle of a golf course with a golf club thrust towards the sky while a thunderstorm passes directly overhead. Not smart for those trying to avoid being hit by lightning. Not any smarter for those trying to protect their computer from being infected by Malware.
At worst, Anti-Malware software should be considered absolutely necessary but not sufficient for keeping a computer safe from Malware. In practice, when combined with a modern operating system (meaning Windows 7 or later in the Microsoft world), other built-in capabilities like the firewall, URL Filter (e.g., IE’s SmartScreen), automatic update of software, and even a minimal amount of attention paid to best practices for surfing the web and reading email, it will keep the typical PC free of Malware.