Friday, July 06, 2012

Antivirus core engine auto-upgrade to 5.5.2 edition

The new minor auto-upgrade for Outpost's anti-virus engine is scheduled for this weekend. It will be delivered to all our customers during July 6-10.

The new anti-virus engine carries the internal version number 5.5.2.10 (the previous one was 5.5.1.3) and works with the latest malware database format, v15.


Key features of version 5.5.2.10

  • Script Engine
    With the new JavaScript normalizer in the engine, it is now possible to remove most obfuscation from malicious JavaScript. The normalizer can remove simple obfuscation, such as renamed functions and variables, and advanced obfuscation, such as the use of regular expressions and the built-in eval() function or random dead code added to the body of the script.

  • Added digital signature validation to avoid false positive detection
    Avoiding false positives is as important as detecting malicious files. For this reason, the latest version of our anti-virus engine introduces digital signature checking for potentially malicious files. The antivirus database now contains a list of trusted vendors with their digital signatures, and the list is constantly maintained and updated by our experts at the virus lab. The engine will never report any file with a valid trusted digital signature as malicious.
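
The renaming and string-splitting cases from the Script Engine item above, as an added example that is not Agnitum's code: a token-level JavaScript normalizer that maps two differently obfuscated variants to the same text, so a single signature can match both. The sample scripts, the KEEP list and all function names are constructed for this illustration.

```javascript
// Added illustration, not Agnitum's engine. Simplifications: no scope analysis,
// no regex-literal or template-string support, no dead-code removal.
const KEEP = new Set(('var let const function return if else for while new typeof ' +
  'eval unescape document window String Function').split(' '));
// Comments | "string" | 'string' | identifier | number | single punctuation char.
const TOKEN = /\/\/[^\n]*|\/\*[\s\S]*?\*\/|"(?:[^"\\\n]|\\.)*"|'(?:[^'\\\n]|\\.)*'|[A-Za-z_$][\w$]*|\d[\w.]*|[^\s\w]/g;
const isStr = t => typeof t === 'string' && t.length > 1 && /^["']/.test(t);
const body = s => s.slice(1, -1);   // literal text without its quotes

function tokenize(src) {            // drops comments and all whitespace
  return (src.match(TOKEN) || []).filter(t => !/^\/[\/*]/.test(t));
}

function foldStrings(tokens) {      // "ev" + "al"  ->  "eval"
  const out = [];
  const safeBefore = new Set([undefined, '(', '[', '{', ',', ';', '=', ':', '?', '+', 'return']);
  for (let i = 0; i < tokens.length; i++) {
    const t = tokens[i], prev = out[out.length - 1];
    const foldable = t === '+' && isStr(prev) && isStr(tokens[i + 1]) &&
      safeBefore.has(out[out.length - 2]) &&        // nothing binding tighter on the left
      !'.[(*/%'.includes(tokens[i + 2] || ' ');     // ...or on the right
    if (foldable) out[out.length - 1] = '"' + body(prev) + body(tokens[++i]) + '"';
    else out.push(isStr(t) ? '"' + body(t) + '"' : t);   // unify quote style
  }
  return out;
}

function renameIdentifiers(tokens) { // first-seen order: v0, v1, ...
  const names = new Map();
  return tokens.map((t, i) => {
    if (!/^[A-Za-z_$]/.test(t) || KEEP.has(t) || tokens[i - 1] === '.') return t;
    if (!names.has(t)) names.set(t, 'v' + names.size);
    return names.get(t);
  });
}

function normalize(src) {
  return renameIdentifiers(foldStrings(tokenize(src))).join(' ');
}

// Constructed samples: same behaviour, different names, comments and string splits.
const sampleA = 'var payload = "aler" + "t(1)"; /* noise */ window["ev" + "al"](payload);';
const sampleB = "var _0x3f = 'alert(1)';\n// junk\nwindow['e' + 'va' + 'l'](_0x3f);";
console.log(normalize(sampleA) === normalize(sampleB), normalize(sampleA));
```

The left and right guards in foldStrings keep the fold semantics-preserving: `2 * "x" + "y"` and `"a" + "b".length` are left alone because joining the literals would change what the script computes.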


Other changes since 5.5.1.3

Core:
  • Improved HTML parsing
  • Improved VBScript normalizer
  • Fixed a rare crash on malicious UPX-packed files
  • Improved AsPack decompression
  • Improved Inno Setup handling
  • Fixed a rare crash on some JavaScript malware samples

As usual, the latest version available for download from www.agnitum.com will include the latest AV engine and its updates (added incrementally to the download server on a daily basis) starting Saturday, July 7.

NB! Users of Outpost anti-virus products (including Outpost Free/Pro/AV Service/Network editions, regardless of license status: trial, promo or active) should receive this minor upgrade automatically.

6 comments:

Anonymous said...

Do you updates on the engine in Outpost Firewall anti-spyware?

Blog Admin said...

This upgrade is related only to antivirus engine. Outpost Firewall Pro does not have antivirus implemented.

Anonymous said...

Results of latest RAP test (Agnitum on the bottom - again):

http://www.virusbtn.com/vb100/RAP/RAP-quadrant-Dec11-Jun12-large.jpg

Blog Admin said...

We never relied solely on proactive protection, providing the complex means of detection. RAP tests of VirusBulletin require the product not to be updated for three weeks; this does not normally occur among real users. We consider the period of one week to be reasonable for the heuristics analyzer testing.

Matthew said...

As I understand the way RAP works, it's not a "3 weeks out of date" test, but a test of samples 1, 2, and 3 weeks older than update date (The Reactive bit, on "all samples" rather than wildlist), and 1 week after update date (The "Proactive"). So the Proactive score represents heuristic/generic detection capabilities only, while the Reactive represents the level of coverage of non-prevalent malware - one that scores high here will better resist the "attack tests" favoured by one YouTube reviewer.

Being beaten in RAP by Microsoft Security Essentials, which many seem to place as the benchmark of adequacy, should be an embarrassment.

Agnitum BLOG said...

Could you provide the link to the results of the test you mention in your post?