A paper from Microsoft Research (MSR), first published last summer, is getting new interest after MSR's internal TechFest last week. The idea is that hosts would analyze traffic hitting them and automatically broadcast alerts. While false negatives can mean that many hosts will not detect the worm, doing this across a large group of machines means that some hosts will detect it and start broadcasting the self-certifying alerts. Of course there are a ton of issues with this approach but the authors have done a good job of going through the threats and countermeasures. It's a really interesting idea and I hope that they continue with the research.