Exactly Melon, slipstream, c'est le way.
nothing? hehe. what a thread. muzi I agree... a good reference. cmon lance, see the logic...
here we go.
BTW if you have no firewall at work, I'm dead wrong.
hehe. it was your network.
as melon intoned - "your IP address is sought out and they end up exploiting vulnerabilities to force you to download spyware" - your network's firewall would have (or should have) stopped that unless you initiated the request, and your internal IP would not be viewable from outside. Some pc(s) running on your network used (since patched in '04 by MS) some port exploits to spread to your comp. Once in, they initiate the requests out to the vast puternet(work teehee) - voila - spyware. I know you didn't surf at all, just Windows Update. As melon said, in that short time, your own network betrayed you. The firewall, I trust, stayed intact.
last year Gaobot (look the f*&^er up) got loose on one of our client's networks. it exploited a vulnerability in the print spooler service - travelling along port 135 it looked for any open print shares. It would then initiate 1000 pages of garbage text, and fill up the queue. Printers printed until they ran outta paper. We closed port 135 (which cut all their network drive access) and isolated the culprits (infected PCs). Unsharing the printer on these PCs quieted down the barrage, then we pushed a definition fix from Norton. It took about a week, as we had to reopen 135 so they could have their net shares back..... some rogue PCs still had it a month later. We would just take away their IP, and send someone to see them. Once updated offline, we'd allow them back on.
bottom line, it started from within, a user infected their laptop, and brought it in to work. It was like dropping a pebble in a fast moving stream ---- the thing turned into a snowball in seconds and bogged down the network. Guess that's why they are called trojans. The beauty was it used a port that we cannot close permanently. grrrr. they get better and better. Gaobot wreaked havoc on the printers, and allowed several of the nastier coolwebsearch type spywares in.