Microsoft is having quite a week. The company is seeing reports of vulnerabilities before Patch Tuesday, fixing data-corruption issues, and getting flooded with visitors trying to download the beta version of Windows 7.
First up, security. If you didn't patch for the Microsoft Windows Server RPC Handling Remote Code Execution Vulnerability last year, you could be targeted this year through a vulnerability that can be spread through USB ports.
Security researchers are warning of a worm dubbed Downadup. It appeared on Dec. 30 and can propagate not only by exploiting the vulnerability, but also through infected USB sticks and by exploiting weak passwords, according to Symantec.
The W32.Spybot, W32.Randex, and W32.Mytob variants all used almost identical methods to spread, the company said, but the new variant requires more effort to protect corporate networks.
Automatic Execution
"W32.Downadup.B creates an autorun.inf file on all mapped drives so that the threat automatically executes when the drive is accessed. The threat then monitors for drives that are connected to the compromised computer in order to create an autorun.inf file as soon as the drive becomes accessible," Symantec Security Response wrote on the company's blog on Friday.
The worm also monitors DNS requests to domains containing certain strings, and blocks access to those domains so it will appear that the network request timed out. According to Symantec, this means infected users may not be able to update their security software from those Web sites. That's a problem, the company warned, because worm authors generally dish out new variants constantly.
Symantec said it's seeing considerable detections of both variants of W32.Downadup and W32.Downadup.B. The infections are geographically widespread, with the highest infection rates typically in countries with high rates of computer and Internet usage.
"DownAdUp is reportedly getting worse in parts of Europe and Asia. We expect this worm family to slowly crawl through networks as it spreads through multiple vectors," said Ken Dunham, director of global response at iSight Partners. "The use of updated antivirus and patches against MS08-067 and other vulnerabilities will help to mitigate such attacks. Policies in managing thumb drives may also help in lowering risk for risks such as this worm and autoruns."
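A defender's check for the autorun.inf mechanism described above, added here as an example and not taken from Symantec or the original article: it lists the drive roots that hold an autorun.inf and the commands that file would launch. The function names and the sample file contents are constructed for illustration.

```python
import os

# autorun.inf keys that cause a program to run when the drive is opened
EXEC_KEYS = ("open", "shellexecute")

def autorun_commands(text):
    """Return (key, command) pairs from the [autorun] section that launch a program."""
    found, in_section = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[autorun]"
            continue
        if not in_section or line.startswith(";") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        # shell\<verb>\command= also runs a program from the drive's context menu
        if key in EXEC_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
            found.append((key, value))
    return found

def audit_roots(roots):
    """Map each drive root holding an autorun.inf to the commands it would run."""
    report = {}
    for root in roots:
        try:
            names = os.listdir(root)
        except OSError:
            continue  # drive not ready or not accessible
        for name in names:
            if name.lower() == "autorun.inf":
                with open(os.path.join(root, name), "r", errors="replace") as fh:
                    report[root] = autorun_commands(fh.read())
    return report

# Constructed sample, not taken from a real infection
SAMPLE = """; comment
[AutoRun]
Open=tool.exe /q
icon=drive.ico
shell\\scan\\command=tool.exe
[Other]
open=ignored.exe
"""

if __name__ == "__main__":
    import sys
    for root, cmds in audit_roots(sys.argv[1:]).items():
        print(root, cmds)
```

Run it with the drive roots to inspect as arguments; a root that appears in the output with an empty list has an autorun.inf that launches nothing.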
Getting Your Hands on Windows 7
Microsoft has released a fix for the Windows 7 MP3 corruption issue. The problem was first announced earlier this week. The issue is with Windows 7 build 7000, which was leaked a couple of weeks ago. When consumers play back MP3s using Windows Media Player 12, the data corrupts.
Users may have a hard time downloading the fix, though, because so many others are rushing to Microsoft's Web site to download the beta of Windows 7. Microsoft's servers are reportedly overloaded with visitors trying to download the new code. Microsoft CEO Steve Ballmer unveiled the public beta on Thursday, calling it "Vista a lot better."
However, browsers are turning up errors such as "connection interrupted" or "Internet Explorer cannot display this webpage." Other would-be visitors are getting a blank screen. Still others report very slow response times when they do gain access to the site. The traffic rose even before the beta was posted. Plans were to go online at 3 p.m. Eastern time.