Third — it allows for remote code execution in numerous versions of Windows (particularly critical for 2000, XP, and Server 2003).
All of these factors combined equal something quite serious that should be patched as soon as possible. If you are having difficulties with Automatic Updates, the bulletin links to manual downloads.
It's always a good idea to be ready for out-of-band updates. You can subscribe to Microsoft Security Notifications here.
Downadup has "old school" worm functionality (no user interaction required), the likes of which we haven't really seen for a while now. It also knows some current tricks; it's a worm that spreads via the Internet, local area networks, and removable media. While it doesn't seem to be gaining very much traction on the Internet, it spreads rapidly once it's inside local area networks that aren't patched.
Alright, that covers prevention — what about those of you who have infected computers within your networks?
Remember, Downadup is a network worm.
You must clean all of the computers within your network or else you risk reinfection. Servers first, then workstations. Disinfect, then use the manual Microsoft update to patch, then manually update your antivirus, and then do a full system scan of all files.
Downadup uses random extensions for some of its components, so you'll need to scan all file types on the system once you have disinfected.
If you use one of our Anti-Virus products, you can download our manual updates from here.
We have a disinfection tool that may assist in your efforts. It can be downloaded from here. It's a command-line utility, and you should carefully review the included readme.txt file.
Updated Note: Downadup disables connectivity to a large number of security sites, update channels, as well as Microsoft Updates. You should confirm that these connections are reestablished once the computer is clean.
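One way to run that post-cleanup connectivity check, as an added example that is not part of the original post or of any F-Secure tool: the script resolves each hostname and attempts a TCP connection, reporting DNS failures separately from connection failures. The host list, port 443 and all function names are assumptions of this example; substitute the update and security-vendor sites your machines actually use.

```python
import ipaddress
import socket

# Assumed sample list (not from the original post); use the update and
# security-vendor hosts your own machines depend on.
DEFAULT_HOSTS = ["update.microsoft.com", "windowsupdate.microsoft.com",
                 "www.f-secure.com"]

def _usable(addr):
    """False for loopback/unspecified answers, which cannot reach the real site."""
    ip = ipaddress.ip_address(addr.split("%")[0])  # drop any IPv6 scope id
    return not (ip.is_loopback or ip.is_unspecified)

def check_host(host, port=443, timeout=5.0,
               resolve=socket.getaddrinfo, connect=socket.create_connection):
    """Return 'ok', 'dns-fail', 'dns-redirected' or 'connect-fail' for one host."""
    try:
        infos = resolve(host, port, type=socket.SOCK_STREAM)
    except OSError:  # socket.gaierror is a subclass of OSError
        return "dns-fail"
    addrs = [info[4][0] for info in infos]
    if not addrs:
        return "dns-fail"
    candidates = [a for a in addrs if _usable(a)]
    if not candidates:
        return "dns-redirected"
    for addr in candidates:
        try:
            connect((addr, port), timeout).close()
            return "ok"
        except OSError:  # refused, unreachable or timed out; try next address
            continue
    return "connect-fail"

def audit(hosts=DEFAULT_HOSTS, **kwargs):
    """Check every host; return (per-host status dict, list of hosts still failing)."""
    results = {h: check_host(h, **kwargs) for h in hosts}
    return results, [h for h, status in results.items() if status != "ok"]

if __name__ == "__main__":
    results, failing = audit()
    for host, status in results.items():
        print(f"{status:<15}{host}")
    # Non-zero exit lets a deployment script flag machines that need another look.
    raise SystemExit(1 if failing else 0)
```

Run it on each cleaned machine after patching; any status other than `ok` means that host is still unreachable from that computer and the machine should be re-examined.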