Antivirus (AV) vendors must cooperate and focus on the end user when creating AV products, says Dennis Batchelder, Microsoft Malware Protection Center, director.
At a conference of the Association of Antivirus Asia Researchers in Sydney, he said the overall number of computers affected by the top 20 families of malware has dropped from 24 million a month to 13 million a month in the last two years, and this improvement is partly due to better cooperation among security companies.
Batchelder says companies have become much better at automatically processing new malware samples and analysing it using big data and cloud computing.
Experts say standard antivirus software for consumers can miss highly targeted attacks, but it can still block standard malware that targets login credentials or personal data and is a key product for AV vendors, says Batchelder. However, vendors must be careful AV doesn’t turn into unwanted software.
He says in the past year he's seen a number of antivirus products surrounded by unrelated software. For instance, a legitimate AV with a fake Java update.
In China, he says, some AV vendors have engineered their products to remove products by competitors in the customer’s computer.
If a software company isn’t a pure play security vendor and offers other products such as a search toolbar, customers may have to remove another application to run an AV program, Batchelder says.
This turns AV into a weapon and can hurt customers, he says. Marketing departments have to be held accountable and the focus should be redirected to customer needs, he says.