This is why a majority of reputable antivirus programs make it a point to notify their users when their virus definitions go out of date. They do this because updated virus signatures are essential to detecting and ridding a computer of compromised programs, and because it helps strengthen the trustworthiness of their brand. After all, would you trust an antivirus program that failed to stay abreast of changes and alert you to every potential threat?
Even so, users must take into account that a virus definition may not always be immediately identified. Some threats go unnoticed when released into the wild, while others must be confirmed. Security vendors do this by periodically consulting an online master list of virus definitions.
This procedure is quite the norm and goes a long way in generating heuristics capable of identifying known viruses, regardless of their stealth. No active form of malware is an exact replica of a virus definition (or even of itself, for that matter), but it may well share a few things in common with it. This is enough to make an antivirus program effective, and to enable it to flag files as “suspicious” or potentially unwanted.
While this certainly provides the security we’ve come to expect of antivirus software, it may sometimes lead to false alarms (often called “false positives” in security circles). It is well worth it though, especially when considering the many times a stored virus definition has warded off a malicious attack. The good news is that with time, the accuracy of heuristics improves. Feedback provided by users and antivirus developers is used to either whitelist or blacklist files. Merging this information with virus definitions provides antivirus software with higher degrees of precision. One can never assume, however, that this is a foolproof system.
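A simplified model of the matching described above, as an added example that is not from the original article or from any vendor's engine: a file that shares only some traits with a definition is flagged "suspicious", a harmless file can trip the same rule as a false positive, and whitelist/blacklist feedback keyed on file hashes overrides the heuristic. The definition name, trait markers, sample files and the 0.5 threshold are all constructed assumptions.

```python
import hashlib

# Constructed definition: byte traits seen in one known sample.
# These are made-up markers, not real malware signatures.
DEFINITIONS = {
    "Demo.Dropper.A": [b"DEMO-LOADER-STUB", b"DEMO-RUNKEY-WRITE",
                       b"DEMO-BEACON-HOST", b"DEMO-XOR-LOOP"],
}

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def classify(data, definitions, blocklist=(), allowlist=(), threshold=0.5):
    """Return (verdict, matched_name) for one file's bytes."""
    digest = sha256(data)
    # Feedback lists are exact-hash decisions and take priority.
    if digest in allowlist:
        return ("clean", None)
    if digest in blocklist:
        return ("malicious", "blocklisted-hash")
    # Heuristic: fraction of a definition's traits present in the file.
    best_name, best_score = None, 0.0
    for name, traits in definitions.items():
        score = sum(t in data for t in traits) / len(traits)
        if score > best_score:
            best_name, best_score = name, score
    if best_score == 1.0:
        return ("malicious", best_name)
    if best_score >= threshold:
        return ("suspicious", best_name)
    return ("clean", None)

# Constructed inputs: the known sample, a modified variant, a harmless
# tool that happens to share two traits, and an unrelated file.
KNOWN = b"hdr|" + b"|".join(DEFINITIONS["Demo.Dropper.A"]) + b"|end"
VARIANT = KNOWN.replace(b"DEMO-XOR-LOOP", b"DEMO-RC4-LOOP")
BENIGN_TOOL = b"backup agent|DEMO-RUNKEY-WRITE|DEMO-BEACON-HOST|sched"
UNRELATED = b"plain text document"

def demo():
    """Verdicts before and after hash feedback is merged in."""
    allow, block = {sha256(BENIGN_TOOL)}, {sha256(VARIANT)}
    return {
        "known": classify(KNOWN, DEFINITIONS),
        "variant": classify(VARIANT, DEFINITIONS),
        "benign_before": classify(BENIGN_TOOL, DEFINITIONS),
        "benign_after": classify(BENIGN_TOOL, DEFINITIONS, allowlist=allow),
        "variant_after": classify(VARIANT, DEFINITIONS, blocklist=block),
        "unrelated": classify(UNRELATED, DEFINITIONS),
    }
```
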
This is because updated virus signatures, real-time scanning and detection of emerging threats must work in unison to really be effective. A computer, mobile device or any machine with Internet capabilities will otherwise become vulnerable should any of these components become out of sync with the latest developments.
But of all these factors, the virus definition is arguably the most important. Keeping it up to date is absolutely critical in protecting your system from the onslaught of malware. Doing so is comparable to taking out insurance on your hardware while keeping it in good shape at the same time. Most of the best antivirus programs will do this for you. The security industry is a competitive one, and vendors are constantly looking for ways to improve their products and user experience (UX). This translates into making your life easier and worry-free.
Probably no single antivirus product will ever rid the world completely of malware. Taking up this task would be equivalent to trying to curb hate and malicious intent. The idea is to get as close to these goals as possible—through sound process and policy. As it relates to the world of digital computers, the capturing and utilization of a virus definition is an important tool in helping us achieve that.