Originally posted by Solatar
Pardon my ignorance, but what exactly did it DO to the victims computer?
It wasn't supposed to do anything more than find a vulnerable computer on the net, then infect that computer. Then it was supposed to create a backport and listen there and wait for specified time to DoS WindowsUpdate website. Creator of the worm made several mistakes though, first he didn't use the correct WinUpd address, and MS easily repelled the attack by disabling forwarding. Then there was a serious bug in the worm which caused RPC service to shut down, since W2k/XP cannot work properly without this service, the system would reboot, although only XP informed an user of this.
Thanks to the bug, infected XP computers were easily found and patched up. W2k system were little trickier since those didn't inform user of any service instabilities.
So in the end it ended up to be a nice plan but implementation sucked. All it did was caused a major headaches to technical support teams all over the world.
If I recalled wrong some parts, I am sure someone will correct me.