The following are publicly available docs from Microsoft IT detailing best practices used internally at Microsoft. These were written after Code Red, Nimbda, Sasser but apply to Zotob/Variants and can help enterprise customers struggling with patch management.

1.       Incident Response—Managing Security at Microsoft

2.       Server Security Patch Management at Microsoft

3.       Systems Management Server 2003: How Microsoft Does Patch Management

4.       Systems Management Server 2003: Deployment at Microsoft

5.       Systems Management Server 2003: Desktop Patch Management at Microsoft

6.       Improving Security with Domain Isolation: Microsoft IT Implements IP Security (IPsec)

7.       IT Security at Microsoft Overview

8.       Security Enhancements for Remote Access at Microsoft

9.       Securing the IT Environment at Microsoft: Enterprise Security Compliance Management

 See also

SMS 2003 Scripting Guide

Software Updates for Dell Server Hardware Using SMS 2003

Patch Management Using Systems Management Server 2003

Scenarios and Procedures for Microsoft Systems Management Server 2003: Software Distribution and Patch Management