Tyler Reguly over at ComputerDefense.org saw our weblog post on the missed VB100 test. We mentioned there that we release about six updates per day. He felt that it was overkill to do that many updates based on our number of new virus descriptions. The fact is that we normally only create descriptions for malware that are widespread, that are unique, that we get questions about, or that get mentioned in the media. It has little to do with the amount of new malware our products detect.
As previously mentioned, we do about six updates per day. Yesterday we released four, the day before that there were eleven updates. And in every individual update, we might add as little as one to as many as 250 plus malware detections. On average it's about 300 new detections per day. And we do this regardless of the malware being widespread or not. We definitely release an urgent update if something is spreading actively, but even if it isn't, why would we wait for a full day or a week before releasing an update? The simple answer is that we don't, our job is to protect customers from all threats big and small, now, not later.
P.S. If you want to see our updates and what we've added to them you can head over to our discussion forum where we automatically post an entry about each update. Alternatively, you can subscribe to this feed.