By detecting some typical exploit pattern, the exploit kit itself, the malware the exploit eventually ends up downloading and executing, or even the malicious host itself. There might be other ways too, but those at least are the most typical ways.

An antivirus definition file is a lot easier to update than a browser component that is exploited. The latter generally involves a lot more testing, whereas the former is essentially just metadata.