Microsoft applies 'surgical sinkhole' to strangle botnet installed on new PCs

14.09.2012

It wasn't an accident that Microsoft uncovered the supply chain plot.

"We're always looking at different aspects of how people get infected, and there's always some discussion here of getting infected through counterfeit OSes," said Boscovich. "We wondered, 'How bad is this situation? People are getting more astute about security, so what are the criminals trying to do now?' We heard that the supply chain was an area where malware could be introduced. But I was somewhat surprised that we found malware-infected machines so quickly."

Microsoft has warned customers for years that counterfeit copies of Windows pose a threat -- a message many see as cover for a greater concern for its own business interests.

Boscovich relayed the same message yesterday. "Counterfeit software is usually merely an intellectual property issue, which is important," he said. "But this transcends. People, not just a company, are potentially victimized."

Microsoft is unsure where in the Chinese supply chain the malware was introduced but, given the way PCs are purchased there, believes that it's at the point where a retailer adds Windows.