Microsoft's swift response nabbed Sasser suspect
When indications of a worm exploiting the LSASS vulnerability in Windows surfaced April 30, the staff at Microsoft Corp.'s Security Response Center didn't hesitate; they knew exactly what to do.
Within an hour of the first reports of the worm, which would later come to be known as Sasser, Kevin Kean was on a conference call with the company's internal penetration testers, field representatives and partners in the Virus Information Alliance. The group went over details to determine whether the threat was serious enough to call out the heavy hitters and move into what's known as "immediate response" phase.
By Dennis Fisher at eWeek.
[ Read more ]