Originally posted here by Plastic
oooh.. that's interesting, I didn't know that. whoever programmed it is retarded then, if they got the most crucial part of the DDoS attack wrong, haha
It's not incorrect. Windowsupdate.com is a redirect to the real site when the worm was created. There will still be huge slowdowns as people still clamour to get the patch. If admins of networks are smart, they download the patch to a central location and distribute it from there.

Plus, I'm sure that a variant is in the works that would go to both. The more they close, the more ideas will crop up. The big thing is for people to stay aware.

In fact, if you look at the fact that they give about a week from release to the target date it makes one wonder if the worm was done to a) encourage admins to patch ASAP (so we don't see repeats of Sapphire -- 6 month old hole that no one patched for SQL) b) to see how the industry/MS would react to this situation. Nothing like prodding something to see the effect.