A new Windows worm, that goes by the name Korgo, is able to auto-infect unpatched systems with a keylogging trojan, steal online banking information, and secretly transmit data back to its creators.
Anti-virus firm F-Secure says there are a number of variants of the worm, all of which exploit one of the vulnerabilities which was patched by Microsoft in April.
Hypponen advised those who had infected by Korgo, to change their passwords and cancel their credit cards. "Especially the ones you've used during last week. This is not a joke," he said.
Symantec has more information including a removal tool. The Sydney Morning Herald is carrying this story.