Security firm Symantec notes that the Downadup worm has swept through China, Argentina, Taiwan, Brazil, India, Chile, and Russia. The infection doesn't even register in the United States. Why?As Symantec pointed out in this blog post, the geographic areas with the highest infection rates correlate with the regions that also have the highest piracy rates. Stolen copies of Windows don't get all of the updates, and those with stolen copies are much more likely to turn off their automatic updates. This seems to be a clean explanation as to why the worm -- which infects systems through a vulnerability Microsoft patched in October -- hasn't made a dent in North America, and has ravaged areas known for high levels of piracy.
This shows how simple common sense goes a long way toward keeping PCs from getting infected: patch, use antivirus software, and don't use dopey dictionary-based passwords. The mega-paranoid among us may want to disable auto-play, as (mostly through USB drives) the worm can spread that way.
Speaking of piracy, criminals are once again giving it to the users of peer-to-peer networks (which have never been the best way to get your software). These networks often are littered with malware. And it seems malware writers are now riding the wave of publicity surrounding Apple's new iWork '09 productivity software. They've circulated a Trojan named iWorkServices within a fake iWork '09 trial installer. If you'd like to trial iWork '09, get your copy from Apple's Web site.
The moral? Buy your software, patch, and download trials from legitimate Web sites.