SadMind is a worm that spreads on Solaris systems. Additionally, it breaks into Microsoft IIS servers and replaces the homepage with an obscene message. Possibly hundreds of websites have been defaced by this worm since the beginning of May, but this could have been avoided.
SadMind infects Solaris systems by taking advantage of a two-year old buffer overflow vulnerability. It breaks into the IIS servers using a seven-month old directory traversal vulnerability. It would not have spread if Solaris administrators had installed the patch during the past two years. It could not have defaced the webpages if IIS administrators had installed the patch during the past seven months.
Lesson to learn: Keep up-to-date: Install the Security Patches.