UPDATE from IHT on this continuing story: Worm infects millions of computers worldwide.
"A new digital plague has hit the Internet, infecting millions of personal and business computers in what seems to be the first step of a multistage attack. The world's leading computer security experts do not yet know who programmed the infection, or what the next stage will be.
In recent weeks a worm, a malicious software program, has swept through corporate, educational and public computer networks around the world. Known as Conficker or Downadup, it is spread by a recently discovered Microsoft Windows vulnerability, by guessing network passwords and by hand-carried consumer gadgets like USB keys."
Get the Microsoft Critical Security Patch KB958644 here: Update
The BBC reports:"Experts are warning that hackers have yet to activate the payload of the Conficker virus. The worm is spreading through low security networks, memory sticks, and PCs without current security updates.
The malicious program - also known as Downadup or Kido - was first discovered in October 2008. Although the spread of the worm appears to be levelling off, there are fears someone could easily take control of any and all of the 9.5m infected PCs."
"According to Microsoft, the worm works by searching for a Windows executable file called "services.exe" and then becomes part of that code.
It then copies itself into the Windows system folder as a random file of a type known as a "dll". It gives itself a 5-8 character name, such as piftoc.dll, and then modifies the Registry, which lists key Windows settings, to run the infected dll file as a service. Once the worm is up and running, it creates an HTTP server, resets a machine's System Restore point (making it far harder to recover the infected system) and then downloads files from the hacker's web site."