If you run Windows NT 4.0, Windows 2000, Windows XP, or Windows Server 2003, and you haven’t gone to Windows Update in the last few weeks, you may be vulnerable to a new worm that started spreading yesterday, W32.Blaster.Worm. This nasty little worm is spreading on machines that didn’t apply the MS03-026 patch, then replicating itself and apparently mounting an attack against WindowsUpdate.com. This post on Slashdot suggests that one sign of infection is that your machine will start showing a 60 second shutdown timer, and the comments provide some really good tips about dealing with the worm, including a way to abort the shutdown (by typing
shutdown /a at a command prompt) so you can apply the patch that works on some systems (though maybe not on Windows 2000). There’s also a worm removal tool on Symantec’s advisory page, if you suspect you’re already infected (though I would suggest downloading the patch first).
Tip: If you haven’t already patched your system and you can’t get to Windows Update to apply the patch, you may want to try going to the security advisory on TechNet, which points directly to the patch download location for your OS.
On a personal note, I wonder if this has something to do with the dog-slow performance I was having at home (Comcast DSL) yesterday and this morning.