F-Secure has been tracking the Downadup worm, a retro-style malware threat that spreads in part by exploiting vulnerabillties in certain Windows services' handling of malformed RPC requests. Downadup also spreads as an autorun worm and by launching dictionary-style attacks on weakly protected network shares. A new variant of the worm, Downadup.AL, appeared just before New Year's. According to F-Secure's calculations, this latest worm has now reached over 3.5 million victim PCs. The heaviest concentration of victim PCs appear to be in China, Brazil, and Russia.
Your best defense? Install Microsoft MS08-067 which patches the RPC flaw exploited in the attacks, disable autorun completely, and use strong passwords. Already infected with Downadup? F-Secure provides a free Downadup removal tool.