Amazing' worm attack infects 9 million PCs

January 16, 2009 (Computerworld) Calling the scope of the attack "amazing," security researchers at F-Secure Corp. (http://www.computerworld.com/action/inform.do?command=search&searchTerms=F-Secure+Corporation) today said that 6.5 million Windows PCs have been infected by the "Downadup" worm in the last four days, and that nearly 9 million have been compromised in just over two weeks...

full article

http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9126205&taxonomyId=17&intsrc=kc_top

Thanks for the post. Important info.

Followup: anybody reading the article and considering using the Microsoft MSRT should be aware of things such as this (http://www.heise-online.co.uk/security/MS-Malicious-Software-Removal-Tool-damages-harmless-software--/news/112226). This does not mean you should not run it, but do some research first to determine at what cost.

unsurprisingly most of the Infected PCs to date have been in China, Brazil and India. Countries with a known piracy issue.

Also it's now four weeks since this patch came out, it's downloaded as part of the Windows Updates.

Finally the solution to remove this infection is known but is considered illegal to use it.

MS MSRT is run automatically when you do your monthly updates unless you choose otherwise.

The virus appears to be a dud:

http://apnews.myway.com//article/20090117/D95P3J202.html

We were battling this about two weeks ago in our company of about 8000 employees.

Biggest problem it created was it kept locking everyones user accounts from attempting log-ons. It was also very difficult to remove as Anti-Virus did not always catch it and the virus sat dormant for a while.

I'm not sure what the exact solutrions came out to be, but I know Microsoft and Norton both created new downloads that our company installed to every computer. They also needed to automate the fixing for the account lockouts that kept occuring.

Finally all external devices such as USB memory cards and even phones were prevented from being plugged into computers.

Since I haven't had my account lock out for over a week now I assume it's under control.

Here's a link from Yahoo.

http://tech.yahoo.com/blogs/null/116396

And as has been pointed out in several reports about this virus, the most important safeguard you can do is to have the Microsoft patch installed on your system.

If you keep your OS up to date, run a firewall and virus protection and don't engage in risky behavior (yes, porn counts!) then the odds of getting a virus are very slim.