Downandup worm is infecting PCs all over the world in an exponential rate and F-Secure is estimating the infections to as high as 9 million infected machines already.
Downandup worm is coded to exploit the recent vulnerability of Microsoft Windows operating system.
“The number of Downandup infections are skyrocketing based on our calculations,” F-Secure’s Toni Kovunen said in a blog post Friday. “From an estimated 2.4 million infected machines to over 8.9 million during the last four days. That’s just amazing.”
“The situation with Downandup is not getting better,” he added. “It’s getting worse.”
Infected operating systems are Windows 2000, XP and Server 2003. Aside from acquiring the worm from malicius website, the worm also spread via flash and network drives.
In October, Microsoft took the unusual step of issuing an out-of-band Security Bulletin, MS08-067, for a vulnerability affecting its Server service.
“Because the vulnerability is potentially wormable on those older versions of Windows [XP and earlier], we’re encouraging customers to test and deploy the update as soon as possible,” said Christopher Budd, a Microsoft Security Response Center security program manager, in a blog post.
The Worm manages to evade security detection by incorporating lots of defensive steps such as disabling various Windows security, updating, and networking features. It blocks access to security-related domains on the Internet. And it modifies networking settings to speed up its ability to copy itself to other computers.
Microsoft encourages Windows users to periodically update their system through Windows own automatic update. Only few people update their system on time.