[G3]-TechNews : Home| RSS | Atom | MSN | WAP

Article: Step-by-Step Guide: How to set up a VPN
Article: Download: Microsoft Monad (Beta)
Article: Building a 64-Bit Multimedia Workstation
Article: Coming Soon to Windows: The Microsoft Shell (MSH)
Article: How to Reset Win NT / 2000 / XP Administrator Password
Article: The Technology Behind Dual Core CPUs
Article: How-To: Wireless Network Security
Article: Article: PCI Express - technology backgrounder
Article: Tutorial: Access Hidden Files on Your iPod
Article: Troubleshooting drivers with XP's hidden Driver Verifier Manager
Article: How to Make a 5 in 1 Network Cable
Article: Comparison - Blu-ray & HD DVD
Article: Beginners Guides Linux : Part 1 | Part 2 | Part 3
Article: How To Crack WEP (Wired Equivalent Privacy)
Article: Email Addresses Spoofing.
Link: Free PHP ebook
Link: FREE ASP.NET books and eLearning course
Link: Free registration code for Opera 8.
Invitations: Gazzag (Here) | Yahoo! 360 (Here)  | Orkut (Here)

Sasser Worm Anniversary.
Contributed by: G3nu1n3, at 5/22/2005 01:18:00 PM.

This is from The Microsoft Security Response Center Blog ...

It’s been just over a year since we experienced our last major network worm outbreak, Sasser, which exploited vulnerability in the LSASS component of Windows in April 2004.

On the security response team at Microsoft, it is part of our process to do post mortems after incidents or outbreaks and review how we can better manage these incidents more effectively for customers. We did that after Slammer, which actually prompted the development of our Software Security Incident Response Plan; we did it exhaustively for months after Blaster; and again after Sasser.

It's interesting to chart how much more effective we’ve become after each incident. When Blaster happened in August 2003, we were just in the implementation stages of a security incident response process – and it is fair to say that we did not have all the pieces in place yet when that worm attacked millions of customers around the world. Consequently, it took 38 long and painful days for our customers and for us before recovery. After Blaster, we spent many, many hours in post mortem and to learn how to refine our processes. We also spent many hours throughout the company drilling on our incident response process – making sure that we were prepared and able to mobilize worldwide – across product groups, subsidiaries – through all parts of the company if a significant outbreak occurs. So when Sasser broke out we fully exercised our worldwide mobilization process – paging and waking up stakeholders and account managers around the world to get critical remediation information and tools to customers immediately. Because of the improvements in our processes, time to recover for Sasser was 5 days compared to 38 days for Blaster. And of course, through our work with law enforcement – sharing our forensic analytics - we were able to assist in the arrest of the individual responsible for unleashing Sasser just 7 days after the attack.

Our response process continues to evolve and has reached still a new level of maturity in the last year since Sasser. We regularly review and refine as part of our ongoing commitment – which is deeply felt by everyone on the team - to help keep customers secure.

View: Sasser Worm Anniversary & MSRC Learnings

To Read MOST UPDATED News Items browse to HOME page.


Post a Comment

<< Home

[G3]-TechNews : Home| RSS | Atom | MSN | WAP

Archives :

- Monthly Archives :

- Post Count: 1,783 before June 1, 2005. (Since: October 26, 2004)