Yep, a new worm. More info is available. It affects IIS web servers, of course.

Update: Microsoft’s posted a fix for IIS. Well, not so much a fix as a preventative tool: it filters requests based on the URL, according to a policy set by the administrator. Pretty useful-looking, that.

And still watch out for readme.eml when browsing the web, especially if you’re using Internet Explorer.

So tell me again why people run IIS?