Emerging Threats

How does malware get past security software?

Authored by a Symantec employee


Have you ever run your Internet security software only to find out that there’s malware on your computer? How did it get there? When you’re running a full Internet security suite, it can be very frustrating to find out that, despite your best efforts, there’s malware on your computer anyway. The fight against malware is a complicated arms race of sorts. Here’s how it works.

Safety for every device.

Security is no longer a one-machine affair. You need a security suite that helps protect all your devices – your Windows PC, Mac, Android smartphone or your iPad.

The Four Components of the Malware Arms Race

There are three main players in the malware arms race:

Malware Coders:

The malware coders are, unfortunately, generally the winners of the arms race. They write malicious code exploiting existing vulnerabilities in software. Why? Sometimes for fun, sometimes for profit, but always in ways that are harmful to you and your online experience.

Internet Security Companies:

Internet security companies generally come in behind the malware codes in the arms race. Why? Because Internet security companies are plugging holes in the dam. To a certain extent their codes can anticipate what the malware of the future might look like, but for the most part they’re just combatting the malware that the bad guys are coming up with.

General Software Companies:

Internet security companies aren’t the only ones trying to prevent malware. No one wants their programs to be know for malware exploits. So everyone, from Apple and Microsoft down to your favorite startup app developer are looking for ways to keep their software secure. However, like the Internet security companies, they’re mostly playing catch up. Because they’re not companies dedicated entirely to preventing malware, their efforts will fall behind Internet security companies.

Where Did Your Malware Come From?

The biggest reason people get malware on their computer is because they haven’t been updating their Internet security suite, their operating system and other software. It’s absolutely crucial that you continually update your computer’s software at the earliest possible time.

Most malware is built around the security flaws in your operating system or applications that you’re using. Similarly, most updates you get for your operating system and apps are designed to plug up holes in the security that they found. Sometimes the software developers catch these flaws before any real damage can be done. The problem is, that if you’re not updating your security software, you’re not helping the developer to help you.

Internet security software companies are at the forefront of protecting against security flaws and malware. They can help you to detect malware that got on your computer because of a security exploit. However, the Internet security suite can’t do its job if you’re not updating it. Most updates that your Internet security suite gets are new definitions of malware. This is basically the footprint that malware leaves on your computer. If you’re not updating the Internet security suite, there’s no way that it’s going to be able to recognize an exploit that you picked up from a flaw in your operating system or other application.

Finally, even the best Internet security suite can’t protect you from infections that you initiate. For example, you might go to a website even after you’ve been warned that it contains malicious code. Or you might download an attachment from a spam email. Even clicking on the wrong link in an email can get malware off of the Internet and onto your computer. Put simply, there’s a level of common-sense due diligence every person has to do when they’re using the Internet.

How To Protect Yourself From Malware

To summarize, it’s important to protect yourself from malware, but it’s not as hard as you think:

  1. Always update your applications. Most importantly, update your operating system and your Internet security suite. To keep you safe, they need the most up-to-date information.
  2. Remember that malware often exploits existing security flaws. So even if it’s not your Internet security suite or operating system, it’s important to keep your software up to date.
  3. Don’t visit unsafe websites. Most Internet security suites include a component alerting you that the site you’re about to visit is unsafe. If not, use Norton Safe Web to see if you’re going to a website known for distributing malware.
  4. Don’t download attachments or click on links in unfamiliar emails.

If you can do those four things, you’re going to be one of the harder targets on the Internet when it comes to all kinds of malware.

Don’t wait until a threat strikes.

Security threats and malware lurk on Windows PCs, Macs, and Android and iOS devices. If you use more than one device – like most of us do – you need an all-in-one security suite. Meet Norton Security Premium.

Enjoy peace of mind on every device you use with Norton Security Premium.

Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.

Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the LockMan Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.