Here’s an interesting quote from the Security Wire Perspecitves newsletter I recived this morning.
“Just a few of our users opened the worm before we installed our antivirus signature updates,” said Clay Ruth, software systems engineering manager. “Both of our AV vendors (Trend Micro and F-Prot) came through quickly, so we had the updates online less than two hours after the worm first arrived in our mailboxes. The updated scanners promptly identified the infected systems and stopped the worm in its tracks.”
If you haven’t done so, make sure that your signatures are updating properly.