The worm-type exploitation has started. More information at http://www.f-secure.com/weblog/archives/00001526.html The worm component has reportdly detection name Exploit.Win32.MS08-067.g and the kernel component Rootkit.Win32.KernelBot.dg, in turn. Symantec uses Worm category too and the name W32.Wecorl: http://www.symantec.com/business/security_response/writeup.jsp?docid=2008-110306-2212-99&tabid=2 Juha-Matti