TECH ED - Malware's commercialization drives security

14.06.2006

Despite dire predictions that security will remain an issue, panelists noted progress and cited solutions. Offline scanning, for example, is an effective tool for a system infected with a rootkit, Braverman said.

Companies, meanwhile, need to enforce restriction policies on software being installed on their computers, Russinovich said. "The trend that I see here in a corporate environment is the only way to really remain safe is to enforce application execution policy across your desktops," said Russinovich. He acknowledged his company offers products for this purpose and that his remarks may be viewed as self-promoting.

Microsoft's Antimalware Team recognizes that, given the amount of existing malware, it is not feasible to look into every variant. For example, the company has seen 2,000 variants of Win32/Rbot per month, Braverman said. But Microsoft is working on signatures to combat Rbots.

Fighting malicious software is a battle that can be won, said Christopher Budd, a Microsoft security program manager. Braverman added that progress is being made but more needs to be done. On average, the company is seeing a decrease in the malware variants that it knows about, he said. The tools available are having an impact, he said.

Malware authors, meanwhile, are being forced into a smaller box, Russinovich said. "Before, they could write whatever kind of crap and it would detect people's machines," Russinovich said. "Now, that's becoming much more difficult."