Microsoft's Malware Solution: Rebuild

Opinion: Due to the inherent mysteries and openness of Windows, relentless and adaptive malware invasions always return to find a place and latch on.

You have heard the analogy about Microsoft Windows and the auto industry. Something like, if cars were built like Windows, they would crash twice a day. While crashing (computers) isn't as much of a problem anymore, infestations of spyware and rootkits are. Even if they are detected, they can be very difficult to remove.

The scenario would be similar to your car developing a small leak somewhere that drained performance but could not be located, or like that rattle you hear but the mechanic doesn't. But even with these unfixable problems, you wouldn't consider pushing your car off a cliff, or would you?

In a way, that's Microsoft's latest advice for dealing with Windows malware, reports Senior Writer Ryan Naraine. At InfoSec World in Orlando, Fla., Microsoft advocated wiping a hard drive clean and reinstalling the operating system.

"When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," said Mike Danseglio, Security Solutions group program manager at Microsoft, in Redmond, Wash.

This isn't exactly a novel approach. I've reinstalled Windows on my home machines many times, and they do perform better—for a while. The point is, due to the inherent mysteries and openness of Windows, relentless and adaptive malware invasions always return to find a place and latch on.

Like the Borg of "Star Trek," they assimilate, and resistance is futile. "We've seen the self-healing malware that actually detects that you're trying to get rid of it. You remove it, and the next time you look in that directory, it's sitting there," Danseglio said.

As the IT world anxiously awaits Vista, let's not lay this completely at the feet of Microsoft. According to many studies, notably the Computing Technology Industry Association's, user errors or violations of corporate security policy are still the No. 1 way in for malware.

Microsoft can't drive the machine for the user, but everyone from corporate IT managers to HR executives needs to do a better job of education. Microsoft and all enterprises need to manage fewer electrical or computer engineers and more social engineers—to save the computers from themselves.


Scot Petersen

Scot Petersen is a technology analyst at Ziff Brothers Investments, a private investment firm. Prior to joining Ziff Brothers, Scot was the editorial director, Business Applications & Architecture,...