Blaster is not the last thing that will come through and play smackdown with Windows systems on the net. There are too many extant vulnerabilities, and too many systems that haven't been patched, and likely won't get patched. Here's a leading example of the problem:
Microsoft needs to take its own patching medicine. I have it on pretty good authority that even though Microsoft made the security patch that could have headed off Blaster available weeks before the worm hit, it didn't patch all of its own servers inside the company. I've heard 47 servers running Microsoft's Passport Internet-authentication software had to be taken down on August 12 (day two of Blaster) for "emergency maintenance."
You may recall that Microsoft failed to patch a number of its own servers against the SQL Server Slammer worm back in January, exacerbating the effects of the attack. Wasn't once enough?
Virtually no one stays up to date on patches. It's manually intensive work, and it's always something that you can put off until later. And tasks that can be put off will be put off. Sure, XP can be set up to auto-patch. But that's not a solution either: some patch updates don't work right, and there are simply too many hardware combinations in the PC world for auto-patching to be fully reliable in all cases.
What would be the safest course of action? Well, if I were setting up an IT infrastructure right now, I'd look long and hard at FreeBSD and Mac OS X....