The software giant is calling for a collective health policy to certify a computer's health and restrict the Internet access of PCs infected with malware.
The problem with PCs infected with bots has stymied security professionals ever since botnets came into wide use among cyber criminals. Attempts to shut down the command-and-control servers only temporarily have any effect, and investigators take months -- or years -- to nab the those responsible for the attacks.
Now Microsoft is arguing that the security community needs to develop a collective health policy to restrict sick PCs -- those infected with malware -- from connecting to the Internet.
"Just as when an individual who is not vaccinated puts others' health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society," Scott Charney, Microsoft's corporate vice president of Trustworthy Computing, says in a blog post published Tuesday.
The idea is not new. Many security experts have talked about quarantining infected computers. Research has shown that quarantining compromised computers on the top-50 networks showing signs of infection could eliminate half of all bots. Companies that run network access control (NAC) systems can restrict computers from connecting to their network if they don't have up-to-date security software or do not meet other requirements.
However, such policies rely on the Internet service provider to be the enforcer and cut off customers from the Internet. The problem is customers then require support, which raises the ISP's costs tremendously.
It may be good. I think people would cry and scream at first UNTIL they got used to watching where they go, making sure they have the current detection software on their computers and doing regular scans of the drives for any naughty things trying to hide. It would definitely increase the business of people like the Nerd Herd.