First off: there really isn’t any “death” involved. The cursor works, the keyboard works, the Task Manager works, just the desktop and shortcuts don’t display. That’s it.
Secondly: it’s not due to a bad patch, as has been touted to death (the only “death” involved here, after all, is the press going berserk and reprinting lies to death).
The actual “attack vector” is by way of a web popup ad that says “your computer may be infected with malware! click here to remove it now!”, which my daughter fell for.
The malware installs itself as an “anti malware” application, with a peculiar name (randomly defined, it seems), but which appears in the Add/Remove Programs list (dumb move on their part). It reconfigures the firewall settings and turns off the Microsoft Security Essentials service, so real-time scanning was disabled. I was able to clean it out and get the machine back to a normal state. No rootkits or leftovers appear to be on it and it doesn’t appear to have propagated to other computers or shares.
I know, because it affected one of my home computers. The actual cause was malware. That’s right: malware. But actually, that’s not the “root cause”. The root cause was an oversight on my part. I added my daughter’s user account into the local Administrators group so she could install some games while I was away. Bad decision. Normally, I would not have done that and would have made her ask me to install them when I was at home. I got lazy.
Other people I’ve talked to who have run into this have either encountered it the same way, or by tuning UAC down until it’s useless. Leave UAC alone! It works fine! UAC is the lock on the front door of your house/apartment. Sure, it sucks at times to whip your keys out and unlock with a load of groceries, but does it make sense to remove the lock for that reason?! Hell no! People that whine about UAC are just whiners. Get over it. It’s for YOUR own good so, whatever…
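The conditions described in this post (an everyday account in the local Administrators group, UAC tuned down, the firewall reconfigured, the Microsoft Security Essentials service turned off, an odd entry in Add/Remove Programs) can be checked in one pass. The script below is an added example, not part of the original post; the function name is hypothetical, and the service names MsMpSvc and WinDefend are assumptions about which Microsoft antimalware service the machine uses.

```powershell
# Added example (not from the original post). Run in Windows PowerShell on the PC to check.
function Get-HomePcAudit {   # hypothetical function name
    $findings = @()

    # 1. Members of the local Administrators group, resolved by the well-known SID
    #    S-1-5-32-544 so the lookup also works on non-English Windows.
    $sid   = New-Object System.Security.Principal.SecurityIdentifier 'S-1-5-32-544'
    $name  = $sid.Translate([System.Security.Principal.NTAccount]).Value.Split('\')[-1]
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/$name,group"
    foreach ($m in @($group.Invoke('Members'))) {
        $member = $m.GetType().InvokeMember('Name', 'GetProperty', $null, $m, $null)
        $findings += "REVIEW  local admin: $member"
    }

    # 2. UAC: EnableLUA other than 1 means UAC is off; ConsentPromptBehaviorAdmin = 0
    #    means administrators are elevated without any prompt.
    $uac = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    if ($uac.EnableLUA -ne 1) { $findings += 'BAD     UAC is disabled (EnableLUA)' }
    if ($uac.ConsentPromptBehaviorAdmin -eq 0) { $findings += 'BAD     UAC elevates silently' }

    # 3. Windows Firewall state per profile (1 = Domain, 2 = Private, 4 = Public).
    $fw = New-Object -ComObject HNetCfg.FwPolicy2
    foreach ($p in @{Domain = 1; Private = 2; Public = 4}.GetEnumerator()) {
        if (-not $fw.FirewallEnabled($p.Value)) { $findings += "BAD     firewall off: $($p.Key) profile" }
    }

    # 4. Real-time antimalware service. Assumption: MsMpSvc is the Microsoft Security
    #    Essentials service, WinDefend the built-in Defender service on newer Windows.
    $av = @(Get-Service -Name MsMpSvc, WinDefend -ErrorAction SilentlyContinue)
    if ($av.Count -eq 0) { $findings += 'BAD     no Microsoft antimalware service installed' }
    foreach ($s in $av) {
        if ($s.Status -ne 'Running') { $findings += "BAD     $($s.Name) is $($s.Status)" }
    }

    # 5. Add/Remove Programs entries with no publisher: a rough heuristic for the
    #    randomly named "anti malware" entry the post mentions; expect false positives.
    $keys = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    Get-ItemProperty $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -and -not $_.Publisher } |
        ForEach-Object { $findings += "REVIEW  no publisher: $($_.DisplayName)" }

    $findings
}

Get-HomePcAudit
```

Lines tagged REVIEW need a human decision: any account used for everyday browsing that shows up as a local admin is the root cause the post describes.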