In October Microsoft departed from the norm and issued an out of cycle patch after it discovered a small number of infected machines in Asia. Apparently, that was not enough as many users have not applied the patch. As a result, a worm that showed up within the last two weeks has managed to infect somewhere in the neighborhood of 500,000 PCs. While not the largest botnet to date, the numbers are still growing and it appears to be the work of a different set of criminals than those running more well-known networks such as Srizbi and Rustock. You can read more about the vulnerability and download the patch at Microsoft Security Bulletin MS08-067.