I just reread your post and wanted to point something out, this worm has nothing to do with windows <xxx> per se, but rather SQL Server 2000 or MS 'Desktop Edition' (MSDE) SQL Server. And that if people properly administered their boxes by applying freely and easily available service packs and hotfixes, this worm would have been a nonevent.

The majority of users have no need to be concerned about this worm since most of them do not run SQL Server 2000 or MSDE. For this reason, the AVERT (McAfee) rated the worm as a severe risk to corporate users and minimal to normal users. As a side note, even if McAfee and Symantec have signatures available to detect this, the vulnerability is so easily patched, it would IMHO be wiser to just patch your system (and then slap yourself for not applying a patch that has been around for at least 5-6 months).

Wanted to clear that up before some people started to panic about their desktop M$ box being vulnerable ...

/nebulus