HA NOI — Symantec said it had observed an increase in infections caused by the W32.Downadup virus over the holiday period and is urging organisations to apply a patch for Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability as soon as possible.The internet security firm said W32.Downadup is a particularly malicious piece of code and one of the most prolific worms seen in years.This is largely attributed to the fact that it is capable of exploiting users running unpatched Windows XP SP2 and Windows 2003 SP1 systems.Other worms released over the past few years had largely targeted older system versions, which have an ever-decreasing distribution, Symantec said.The Symantec Intelligence Analysis Team said that it initially obtained the connecting IP, which can be either an externally facing infected system or an Internet gateway used by multiple systems using network address translation (NAT).Access to the IP address allows the team to approximate the number of infections and geographically map out infection density.The IP data shows that China and Argentina are by far the most infected areas and that East Asia and South America are the main sources of infection.In total the company had observed over three million unique IP addresses infected with W32.Downadup.A, Symantec said. — VNS