http://blogs.technet.com/b/rhalbheer/archive/2009/03/04/would-a-properly-managed-it-have-withstood-conficker.aspxBefore I start here: Let’s be clear that I will not say (and will never say) that if a customer was infected with Conficker he had a poorly managed network! I had a lot of discussions over the course of time about the reasons for customers being infecteden-USTelligent Evolution Platform Developer Build (Build: 5.6.50428.7875)http://blogs.technet.com/b/rhalbheer/archive/2009/03/04/would-a-properly-managed-it-have-withstood-conficker.aspx#3209719Fri, 06 Mar 2009 01:07:13 GMTd5e57398-b9ef-4490-9955-07cbb4e4a80d:3209719Shoaib Yousuf<p>Roger,</p> <p>This is the topic where you can debate for hours. I think this is happening for several years, organizations doesn't follow proper patch and compliance management procedures and when they get hit by viruses / worrms - they know who to blame!!</p> <p>After all, even if we go to buy a laptop it only comes with 2 year warranty - it doesn't give you assurance for life-time gurantee for not breaking down.</p> <p>I agree to the certain point that patch management is really hard to implement. Most of the organizations find very hard to patch the servers / clients straight away as soon patch is relased. They are heaps of reasons but more prominent ones are</p> <p>1) Change management - it has to go for testing, approval from change management team and so forth - which takes weeks to deploy that patch (in most cases)</p> <p>2) Organization hates rebooting their servers</p> <p>3) Most of their applications are out-of-date and they are not sure whether this new patch will affect them or not.</p> <p>This is the huge problem and bad guys will continue to take advantage of this, atlas people will continue blaming Microsoft and vendors for not providing secure softwares.</p> <p>Shoaib</p> <div style="clear:both;"></div><img src="http://blogs.technet.com/aggbug.aspx?PostID=3209719" width="1" height="1">