This story has been developing for a few days. It's still not clear which routers and system configurations are vulnerable. Right how, the fix is to disable UPnP, which of course applies to Windows systems. It seems the problem may well be larger than that, though, and apply to all sorts of systems as the UPnP referred to is in the router, not the PC. I will attempt to keep either this post updated or post again when more info is available.