My group didn't write this... that is, I don't think we did, although this may have come out of our Consumer team. But it is pretty good, basic advice for students that are heading off to school with their new laptops.
School is in: 7 computer security tips for students
A paper from Microsoft Research (MSR), first published last summer, is getting new interest after MSR's internal TechFest last week. The idea is that hosts would analyze traffic hitting them and automatically broadcast alerts. While false negatives can mean that many hosts will not detect the worm, doing this across a large group of machines means that some hosts will detect it and start broadcasting the self-certifying alerts. Of course there are a ton of issues with this approach but the authors have done a good job of going through the threats and countermeasures. It's a really interesting idea and I hope that they continue with the research.
If you're wondering how Microsoft bakes security into its software development practices, this paper (by one of the co-authors of "Writing Secure Code") takes you through the process. This is far more than a guide for individual developers; it goes through the organization stucture and processes necessary to make this work for large software development projects.
Link: MSDN Security Developer Center: The Trustworthy Computing Security Development Lifecycle
My team just released a new security guide: Server & Domain Isolation Using IPSec and Group Policy. This soluton, aimed at enterprise IT Pros, is focused on how you can use IPSec and Group Policy to secure the data connections between systems. One of the key threats that this can mitigate is the rogue computer, infected with a worm, that gets connected to a corporate wired network and, even without authentication, receives an IP address and attempts to find an infect other systems.
Please let me know what you think!