First of all, it's the users' fault for not keeping their system patched. Having said that, can you blame the user? It seems all too often that the official patches end up breaking something else. And let's be honest -- how many consumers (or even small-to-medium businesses) have spare systems on which they can test a patch to make sure it doesn't cause problems? Not to mention that such testing is of limited use unless the spare system is an exact duplicate of the production system.
But yes, first and foremost, it's the users' fault. Within the past month, I've had to remove Antivirus 2009 (a rogue "antivirus" program that plants fake infection warnings in order to sell itself) five times, today being the latest. I did a Google search for "Antivirus 2009" to try to get a feel for how prevalent it is (it's very rare that I get a call for the same infection more than once), and one of the blogs it brought up was full of people admitting that they had voluntarily and purposely purchased the software (many of them claiming it was because they didn't want to lose their data). They then proceeded to complain about the software and how the FBI should be going after the authors. Whatever your take on that, you have to admit that these were pretty stupid users: they saw a "warning" on their system from a piece of software they had never seen before and did not install themselves, believed what it said, and actually purchased whatever it was punting. These are the same type of people who keep spam alive by falling into the trap of clicking on links and buying whatever is being thrown at them. Not to put too fine a point on it, but these people are too stupid to own a computer.
Having said that, this is also Microsoft's fault. And no, I'm not even remotely hinting that it's just Microsoft or that any other OS is any better. I'm sure they all have their flaws. The point is that Windows XP is now seven years old. With their resources (read: profits), it would be easy for Microsoft to audit every single line of code looking for problems, at least the common ones -- buffer overflows, missing input validation, etc. And there's nothing preventing them from auditing new code once it's written (before the product is released). But why do that when the world can be your beta testers? I'm not saying it's feasible to guarantee the absence of problems (or even that attempting such a guarantee would be a good idea), but surely they can take steps to make sure their products are not as susceptible to exploits as Windows has been.
In the end, there's plenty of blame to go around. But when you're dealing with a company the size of Microsoft, who can easily audit their code before it's released, and when you're dealing with software that costs half as much as the computer hardware it's running on, it's not unreasonable to expect a little more in terms of security and stability.