PPRuNe Forums - View Single Post - Slow Anti-Virus signatures....
3rd October 2014 | 11:43
mixture
Slow Anti-Virus signatures....

The following fairly unscientific test may interest some of you.

Over the last 72 hours I received a number of zero-day viruses fresh from the wild. What has interested me is the state of play in virus signatures being created by the vendors....

Commercial vendors F-Secure and Avira were the quickest in analysing my file and pushing out new definitions .... they did so within 2-3 hours of me submitting the file. The rest of the vendors had updates by the end of the day, except for all the freebie providers Avast, AVG, Malwarebytes etc. who didn't release updates until the afternoon of the next day.

Interestingly enough, for two of my files, little-known Vietnamese AV company CMC already had definitions.....

But what's more interesting is the current state of play, I've just re-analysed the original file from the 1st of October .....

The following vendors all have definitions:
AVG, Ad-Aware, Avast, Avira, Baidu-International, BitDefender, CMC, ESET-NOD32, Emsisoft, F-Secure, Fortinet, GData, Ikarus, Malwarebytes, McAfee, MicroWorld-eScan, NANO-Antivirus, Norman, Panda, Qihoo-360, Sophos

But the virus still goes undetected in the following:
AVware, AegisLab, Agnitum, AhnLab-V3, Antiy-AVL, Bkav, ByteHero, CAT-QuickHeal, ClamAV, Comodo, Cyren, DrWeb, F-Prot, Jiangmin, K7AntiVirus, K7GW, Kaspersky, Kingsoft, McAfee-GW-Edition, Microsoft, Rising, SUPERAntiSpyware, Symantec, Tencent, TheHacker, TotalDefense, TrendMicro, TrendMicro-HouseCall, VBA32, VIPRE, ViRobot, Zillya, Zoner


So I guess the old story remains with unsolicited attachments .... caveat emptor. Looks like the virus writers are currently temporarily ahead in the game at the moment....