People tell me I bash Microsoft too much; that Microsofts products really are great. OK, so I wont bash Microsoft this time around.
Ill let Microsofts own friends do it.
Lets start with Mike Danseglio, program manager in Microsofts Security Solutions group.
In early April at the InfoSec World conference, Danseglio was talking about Windows security.
He said, “When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit.”
In other words, Windows users may have no choice but to wipe their systems down to the bare metal and then reinstall the operating system and applications.
In one case, Danseglio said, a branch of the U.S. government had a malware infestation on more than 2,000 client machines that “was so severe that trying to recover was meaningless. They did not have an automated process to wipe and rebuild the systems, so it became a burden. They had to design a process real fast.”
Thats great. If you run Windows, Microsoft is telling you that you may need to have a network process set up to blow away your systems and restore them automatically.
Lets take that a step farther. You also cant trust your data backups, because they might have malware hiding on them.
Youll also need to keep your Windows systems constantly updated, because an unpatched XP system thats exposed to the Internet, according to a recent Symantec study, lasted only an hour and 12 seconds before being compromised.