If you're thinking of Blaster/Lovsan, the coder of that worm did an error and the WindowsUpdate attack that is to take place on the 16th is aimed for windowsupdate.com, and not windowsupdate.microsoft.com which is the real address... MS mentioned they're simply gonna edit the A-record for the windowsupdate.comsite to redirect to 127.0.0.1...
_________________________
The tart is out there
