A security executive at Microsoft is suggesting a plan to limit internet access for malware-infected PCs.
In a recent report (PDF), Microsoft corporate vice president of Trustworthy Computing Scott Charney suggested that authorities and administrators adopt a model similar to that used by health officials when controlling infectious diseases.
"In the physical world, there are also international, national and local health systems that identify, track, and control the spread of disease including, where necessary, quarantining people to avoid the infection of others," wrote Charney.
"To improve the security of the internet, governments and industry could similarly engage in more methodical and systematic activities to improve and maintain the health of the population of devices in the computing ecosystem by promoting preventative measures, detecting infected devices, notifying affected users, enabling those users to treat devices that are infected with malware, and taking additional action to ensure that infected computers do not put other systems at risk," he added.
Malware botnets have become a major security concern in recent years. Infections such as Waledac and ZeuS have infected hundreds of thousands of systems and put both individuals and large enterprises at risk.
To help combat the spread of botnets, Charney suggests a system which could limit or completely block internet access for infected machines until the botn et malware is removed.
"Under this model, a consumer machine seeking to access the internet could be asked to present a 'health certificate' to demonstrate its state," he wrote.
"Although the conditions to be checked may change over time, current experience suggests that such health checks should ensure that software patches are applied, a firewall is installed and configured correctly, an antivirus program with current signatures is running, and the machine is not currently infected with known malware."
Return to internet news headlines
View Internet News Archive