[LUG] Infected Windows PC? Just nuke it says M$

[Kiggundu Mukasa]

http://www.theregister.co.uk/2006/04/05/ms_security_mea_culpa/ Forget repairing virus infected systems, says MS security manager By John Leyden Published Wednesday 5th April 2006 12:51 GMT New year, new job? Click here for thousands of tech vacancies. The latest types of malware are so potent that organisations should forget about trying to cleanse infected systems, a top Microsoft security officer has advised. Mike Danseglio, a program manager in Microsoft's security group, said firms should think about establishing a process for backup and recovering rather than relying on anti-virus tools as a way of recovering from malware infection. "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," Mike Danseglio, a program manager in Microsoft's security group, told a security conference in Florida. Rootkits - forms of malware that attempt to hide their presence on infected systems - are becoming more commonplace. Danseglio argued that such tactics made it too difficult to ensure that infected systems were fully repaired. He cited the example of an unnamed US government agency that found itself trying to fix 2,000 infected machines. "In that case, it was so severe that trying to recover was meaningless. They did not have an automated process to wipe and rebuild the systems, so it became a burden. They had to design a process real fast," Danseglio said, eWeek reports...... ****************                   ***************************** Kiggundu Mukasa                # Computer Network Consultancy### KYM-NET LTD.                   # Intranets & Internet Solutions# Plot 80 Kanjokya Street P.O. Box 24284 Kampala, Uganda              Tel:     +256 77 972255          +256 71 221141 Fax:     +256 31 262122 *****************************************************************

PGP.sig
Description: This is a digitally signed message part

_______________________________________________
LUG mailing list
LUG@linux.or.ug
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/

The above comments and data are owned by whoever posted them (including 
attachments if any). The List's Host is not responsible for them in any way.
---------------------------------------