Microsoft recently published the new Malware Response Guide, officially known as the Infrastructure Planning and Design Guide for Malware Response.
I reviewed this guide in its beta stages a few months ago and it was a great read and a very useful guide. If you have limited “official” procedures in place for handling infections on workstations, this is a great way to start that discussion with team members and use some of the tools mentioned to develop a plan that is specific to your organization.
I think the structure is well thought out and very logical. One can easily switch to the course of action that fits the needs of the user and the organization, as well as follow the instructions for preparing an offline scanning kit. I also appreciate the recommendations for additional reading so that I can go more in depth for the products I’m using.
While this guide likely won’t change my organization’s use of a third-party solution at this time, it greatly complements it by providing other tools from Microsoft that can support my existing tools, or give me an alternate set of tools if my vendor isn’t as quick to produce a particular solution for new malware.
I think this guide shows that Microsoft is willing to support systems in all types of scenarios and the information is not written to exclude organizations who aren’t committed to only Microsoft software. It provides great processes and talking points to bring any organization closer to having a more cohesive malware response plan. Take a moment to download it and check it out.