Back on Oct. 23, 2008, Microsoft released a critical security update for Windows: MS08-067. Isolated attacks existed at the time of the bulletin release, and in our blog we strongly recommended installing the security update as quickly as possible. Later, a few trojans that exploit this vulnerability were found, and a month after the release of the bulletin we blogged again, this time about the first worm that exploited the vulnerability: Win32/Conficker (here and then here).
Over the last couple of weeks, a new variant of this worm has been affecting customers. We detect it as Worm:Win32/Conficker.B. In addition to exploiting MS08-067, this variant also uses other propagation methods; it tries to copy itself to network shares by guessing their passwords. If the password is weak, it may succeed. It also tries to spread via removable media.
Figure: Conficker infection diagram