Tuesday, April 04, 2006

Wiping is the Only Choice: "Microsoft Says Recovery from Malware Becoming Impossible"

Folks often argued that there is this magical method of reliably cleaning malware (either viruses, worms or spyware) without rebuilidng the system. No, there never was! But now even Microsoft agrees: "In a rare discussion on the severity of the Windows malware scourge, a Microsoft security official said businesses should consider investing in an automated process to wipe hard drives and reinstall malware-infested operating systems."

read more digg story

1 comment:

Anonymous said...

Okay, so what happens? The admin *thinks* that a system is infected, so he wipes the drive and reinstalls the OS and apps, never having performed a root cause analysis. The system is placed back in service and gets reinfected.

Patches don't solve every issue...some issues (lack of or weak passwords, etc.) are configuration or procedural issues.

Wiping as a potential solution does not obviate the need for education and knowledge of the systems. With M$ coming out and saying this, they've had a serious impact on cybercrime...with an application to quickly reload the system, do you think that IT managers and admins will think twice about calling in the IR team, or law enforcement? Not even!

H. Carvey
http://windowsir.blogspot.com

Dr Anton Chuvakin