http://searchsecurity.techtarget.com...0,289142,sid14
_gci1310963,00.html

(notice the paragraph towards the bottom)

Guess we know which OS they were using that got compromised and spread
the lovely malware around (although I don't think anyone would be
surprised here).