Personal computing discussed

Moderators: renee, Flying Fox, Ryu Connor

 
meerkt
Gerbil Jedi
Topic Author
Posts: 1754
Joined: Sun Aug 25, 2013 2:55 am

Size of full Defender virus def db fluctuates wildly?

Tue Apr 02, 2019 12:10 pm

It's puzzling how the size of Microsoft's Defender full definition db doesn't grow continuously, considering the number of virus signatures grows should grow over time. There's a limit to what can be gained from improved compression or definition formats.

Recently there was a strange big drop:

2018/09 database: 200 MB
2018/12 (I think it was): 160 MB
2019/03: 80 MB
2019/04: 120 MB

If they regularly prune older viruses, doesn't that defeat the idea?
Last edited by meerkt on Wed Apr 03, 2019 1:36 pm, edited 1 time in total.
 
roncat
Gerbil First Class
Posts: 148
Joined: Wed Dec 14, 2016 8:29 am

Re: Size of full Defender virus def db fluctuates wildly?

Tue Apr 02, 2019 12:23 pm

I would hope they would patch some vulnerabilities, so the need to scan for that particular virus goes away... or they just EOL any remaining vulnerable systems (sorry, DOS 6.22).
 
meerkt
Gerbil Jedi
Topic Author
Posts: 1754
Joined: Sun Aug 25, 2013 2:55 am

Re: Size of full Defender virus def db fluctuates wildly?

Tue Apr 02, 2019 12:46 pm

Viruses need to be detected even if a vulnerability they relied on was fixed.
I don't think the 60% decrease in size was due to dropping DOS viruses. :)
 
ozzuneoj
Gerbil Elite
Posts: 542
Joined: Tue Jan 21, 2014 1:27 pm

Re: Size of full Defender virus def db fluctuates wildly?

Wed Apr 03, 2019 1:22 pm

That is really strange. I'd love to read an explanation of this.
Fractal Design Define R6 - Ryzen 5 3600 - Gigabyte Aorus X570 Elite - 16GB DDR4-3000 - PNY GTX 970
IBM 5150 - Intel 8088 4.77Mhz + TinyTurbo 286 7.16Mhz - 256K onboard + AST SixPakPlus 384K - 20MB Miniscribe MFM - Everex EV-659 EGA + Parallel
 
meerkt
Gerbil Jedi
Topic Author
Posts: 1754
Joined: Sun Aug 25, 2013 2:55 am

Re: Size of full Defender virus def db fluctuates wildly?

Wed Apr 03, 2019 1:58 pm

FWIW, I tested it with 36 DOS viruses, including in .COM files. It failed to detect only 1.
Two were deemed Win32 for some reason, the rest as expected.

Trivia: The one it missed was also undetected by AVG, Avast, Kaspersky, but was recognized by ESET, McAfee, and Symantec.
 
roncat
Gerbil First Class
Posts: 148
Joined: Wed Dec 14, 2016 8:29 am

Re: Size of full Defender virus def db fluctuates wildly?

Wed Apr 03, 2019 2:16 pm

Defender must be able to support that thumb drive with a bootable DOS 6.22 image on it... no wonder the virus file is so large.
 
Arvald
Gerbil Elite
Posts: 761
Joined: Tue Sep 27, 2011 12:14 pm
Location: Gerbil-land, Canada

Re: Size of full Defender virus def db fluctuates wildly?

Thu Apr 04, 2019 2:33 pm

My guess would be the db grows incrementally with new definitions then every once and a while they incorporate them into a core database.
 
meerkt
Gerbil Jedi
Topic Author
Posts: 1754
Joined: Sun Aug 25, 2013 2:55 am

Re: Size of full Defender virus def db fluctuates wildly?

Tue Aug 20, 2019 4:24 pm

Also the core db decreases in size.

Anyway, still curious.

2019/6/1 150MB
   mpasbase.vdm 45MB
   mpasdlta.vdm  8MB
   mpavbase.vdm 77MB
   mpavdlta.vdm 12MB
   mpengine.dll 15MB

2019/8/20 114MB
   mpasbase.vdm 51MB
   mpasdlta.vdm  7MB
   mpavbase.vdm 40MB
   mpavdlta.vdm 10MB
   mpengine.dll 14MB

Who is online

Users browsing this forum: No registered users and 9 guests
GZIP: On