So let me get this straight. Companies produce bad software that is vulnerable to online attacks, and that often gives the attackers root access to the OS.
Then they put this software on line so it can be attacked and often give root access to the attackers.
Then when users of this software are attacked and bad things happen, they demand action from government to stop the attacks, while ignoring the fact that they would be secure if
1. The software wasn't crap.
2. The software wasn't on line.
3. They were too stupid to realize 1 and 2.
Hold software developers responsible for their failures and software will become secure overnight.