When a virus, worm or other type of malicious software hits a network, the standard procedure for remediating the attack is to disable and delete the virus, and then apply the proper Microsoft-supplied Windows patch. However, infected systems can become so overloaded by a virus that they’re unable to apply the required patches and hot fixes. In these cases, you must remove the system from the network and then manually terminate the virus process and clean the infected system. This procedure often involves a physical visit to each infected machine, which can quickly accumulate into hours spent fighting the attack.
Using patented Access Control List (ACL) management technology called File Cratering, Lieberman RED – Rapid Enterprise Defense Systems Management can identify and block malicious software from executing on client systems. This renders the malware harmless and prevents propagation throughout the Windows network.
To use Cratering, select any file on a Windows host and set the permissions to Everyone:Deny Full-Control, then automatically reboot the machine. The program – whether it’s malware or an application that violates your organization’s security policies – won’t be allowed to start when the machine reboots.
You can even take the proactive step of using Cratering to insert a series of files with known virus names that are ACL locked-out on all machines. If known malware attempts to infect the system, it will be unable to do so because a locked file has already taken its place.