Author Topic: MSBlaster victims sound off..

WhiteHawk
MSBlaster victims sound off..
« on: August 12, 2003, 04:48:44 PM »
Just a random sample for my own irrelevant curiosity.

PS: anybody know how it sneaks in? I am careful to the point of paranoid about email attachments.

bloom25
MSBlaster victims sound off..
« Reply #1 on: August 12, 2003, 06:07:38 PM »
It exploits a known Windows security flaw in the RPC service.  (It does not spread by e-mail.)  You need to download and install patch number 823980 from either Windows update or from the proper link for your OS from this page:

http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-026.asp

If you do not patch this flaw, you will just get this worm over and over again.

jonnyb
MSBlaster victims sound off..
« Reply #2 on: August 13, 2003, 11:17:29 AM »
One thing further...

Download and run the virus removal tool (available from Symantec) after you've patched your system.

The worm does not spread in the usual manner of email attachments. It is spread via machines on the internet. Basically it goes like this:

1) Generates a mutex named "BILLY"
2) Adds the value "windows auto update"="msblast.exe" to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
3) Worm generates a random IP address (A.B.C.D)
  a) A, B, and C are random values between 0 and 255
  b) D starts at 0 and increments, trying to find machines with vulnerabilities (uses ports 135, 139 and 445) to exploit the RPC buffer overflow.
  c) This causes a DoS attack because of the flood of traffic on port 135
4) Creates a hidden remote shell on port 4444 to allow unauthorized usage of the infected machine
5) Uses tftp to attempt to send msblast.exe to a machine that is vulnerable (i.e., one that was contacted via the RPC overflow error).
6) Repeat.

The biggest impacts of the virus are that it allows remote users to execute the remote shutdown procedure on infected machines, saturates networks with traffic on port 135, and sends DoS attacks to windowsupdate.com.
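The propagation steps jonnyb lists above (a single source walking the last octet upward on tcp/135, then a shell on 4444 and a tftp pull of msblast.exe back from the infected host) give a network-side signature you can hunt for in firewall or flow logs without touching the infected box. The script below is an added example written for this thread, not code from any poster or from Symantec or Microsoft; the log format `<time> <src> -> <dst>:<dport> <proto>` is hypothetical and the log lines are constructed. It flags hosts whose tcp/135 targets form a long run of consecutive addresses, then checks for the 4444 and tftp follow-ups, because a 135 sweep on its own can also be a legitimate vulnerability scanner doing its rounds after the MS03-026 patch went out.

```python
"""Flag Blaster-style RPC scanning in firewall log lines (constructed sample data)."""
from collections import defaultdict
import ipaddress
import re

# Constructed sample log in a hypothetical "<time> <src> -> <dst>:<dport> <proto>" format.
# 10.0.0.7 sweeps 192.168.1.0-11 on tcp/135, opens the 4444 shell on one victim,
# and the victim pulls the payload back from 10.0.0.7 over tftp (udp/69).
# 10.0.0.9 only touches two neighbours on 135, which looks like ordinary admin traffic.
SAMPLE_LOG = "\n".join(
    [f"12:00:0{i // 4} 10.0.0.7 -> 192.168.1.{i}:135 tcp" for i in range(12)]
    + [
        "12:00:03 10.0.0.7 -> 192.168.1.5:4444 tcp",
        "12:00:03 192.168.1.5 -> 10.0.0.7:69 udp",
        "12:00:04 10.0.0.9 -> 10.0.0.20:135 tcp",
        "12:00:04 10.0.0.9 -> 10.0.0.21:135 tcp",
        "12:00:05 10.0.0.9 -> 10.0.0.22:80 tcp",
    ]
)

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+->\s+(\S+):(\d+)\s+(\w+)$")


def parse(log):
    """Parse log text into (ts, src, dst, dport, proto) tuples; skip malformed lines."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts, src, dst, dport, proto = m.groups()
        events.append((ts, src, dst, int(dport), proto.lower()))
    return events


def longest_sequential_run(addrs):
    """Length of the longest run of numerically consecutive addresses in a set of ints."""
    best = run = 0
    prev = None
    for a in sorted(addrs):
        run = run + 1 if prev is not None and a == prev + 1 else 1
        best = max(best, run)
        prev = a
    return best


def rpc_scanners(events, min_run=8):
    """Map src -> longest consecutive-target run on tcp/135, keeping runs >= min_run.

    Blaster walks the last octet upward from its starting point, so an infected host
    shows up as one source hitting 135 on a block of neighbouring addresses.
    """
    targets = defaultdict(set)
    for _, src, dst, dport, proto in events:
        if dport == 135 and proto == "tcp":
            targets[src].add(int(ipaddress.ip_address(dst)))
    return {src: n for src, addrs in targets.items()
            if (n := longest_sequential_run(addrs)) >= min_run}


def find_suspects(log, min_run=8):
    """Return {scanner: {...}} with the 4444-shell and tftp follow-ups the post describes."""
    events = parse(log)
    report = {}
    for src, run in rpc_scanners(events, min_run).items():
        shell = any(s == src and dport == 4444 and proto == "tcp"
                    for _, s, _d, dport, proto in events)
        # The victim fetches msblast.exe from the scanner, so tftp traffic flows *to* src.
        tftp = any(d == src and dport == 69 and proto == "udp"
                   for _, _s, d, dport, proto in events)
        report[src] = {"run": run, "shell_4444": shell, "tftp_to_scanner": tftp}
    return report


if __name__ == "__main__":
    for host, info in find_suspects(SAMPLE_LOG).items():
        print(host, info)
```

On the sample data only 10.0.0.7 is reported, with both follow-ups present; 10.0.0.9 drops out because two neighbouring targets are not a sweep. Tune `min_run` to your network: the worm increments D from 0, so on a busy segment a real infection produces dozens of consecutive targets within seconds, and you can lower the threshold if your logs only sample a fraction of the traffic.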