In Greek legend, Sisyphus was renowned for his cunning but his disrespect got him into trouble, he was condemned for eternity to push a heavy rock to the top of a hill, where it would always roll down again. Systems administrators may recognise themselves as they try to keep up with the stream of critical security patches. Commentators are quick to blame them when there are outbreaks because old patches have not been installed. System administrators even blamed each other for Slammer's spread in a Sophos poll.
However, it is apparent that Microsoft was badly hit by Slammer because they had many unpatched systems. If Microsoft can't keep their own systems up-to-date, who else can?
Almost two years ago, Bruce Schneier wrote an article, "The Security Patch Treadmill" pointing out the limitations of patches and advocating monitoring to improve security. This does not mean that you can forget patching, defence in depth is the key.