Winternals aims to reverse the effects of malicious-code attacks
Winternals aims to reverse the effects of malicious-code attacks
By Dave Kearns
Network World Windows Networking Tips Newsletter, 09/22/03
...
Winternals Software, which made a nice market for itself in the crash protection and system recovery market, recently released Winternals Recovery Manager (WRM) targeted at Windows Server 2003, XP, 2000, and NT4 systems. It allows network managers to quickly reverse the effects of malicious-code attacks while helping to mitigate the risks associated with emergency installation of critical updates. That's right, it protects from both the disease (worms, viruses) and the cure (patches)! You can get all the details at http://www.winternals.com/es/solutions/recoverymanager.asp but here are the highlights:
* Recovery Manager allows you to identify and undo changes to critical system files and settings.
* The Recovery Manager Boot Client can boot infected machines to an offline environment for safe and secure access, analysis, and repair, immediately suspending newly opened security holes, and preventing systems from further infecting themselves and others on the network.
* When an infected machine would otherwise require reinstallation or re-imaging, WRM provides a fast system repair option, reducing downtime and leaving application and user data intact.
* In the event that emergency installation of a critical update causes undesired behavior (e.g., the patch crashes your system), systems can be rolled back to previous working states, whether simultaneously in large groups, or individually.
* Recovery Manager even tracks and can undo system-level changes made by anti-virus solutions. More than a few of us have been unpleasantly surprised when our AV software did more damage than it prevented.
Entire article at
Network World