This is a very sophisticated hack. Simple maybe to some, but it was quickly released and shows a desire to attack Microsoft systems. It's important to remember to blame the hackers for things like this, and the admins who hadn't yet applied the required patches. Maybe one day security updates will be absolutely automatic, but right now it's pretty close. The hackers are the problem, not the update process.
...agreed on all. Attacks are most often against MS or Mac systems, because they are easier targets. And more cracking punks are using those systems. Furthermore, end-users don't have a lot of time to learn to use open free systems, so they don't have a lot of time for reading security documents and upgrading.
There are also attacks against UNIX systems. UNIX users put more initial time into getting the software installed, running and more time into learning to use them in order to have the timely updates (often before each new attack is devised). It's a tradeoff. Most of the UNIX systems users I've been acquainted with are older geeks, systems admins, radio enthusiasts, et al. Some Linux systems are getting easier to install and beginning to attract younger anarchists and all of that (thus our making certain UNIX security packages more difficult to configure). But I've known a few UNIX systems admins who did not upgrade in time to beat attacks. Some of them have left Linux behind to use other UNIX systems (BSD variants, etc.).
There has been a lot of UNIX open system effort to secure MS desktops from outside attacks, but stopping trojans of various kinds that way is a challenge, to say the least. Success against trojans requires good user discretion. I worked for one well known IT company that replaced images on all machines at least once per day, because its employees opened all attachments that came their way, used instant messaging to the outside, etc.
I also think that MS will eventually have fewer lawyers in their employ while having more developers and testers. Sooner or later, their updates will come more quickly.
I can't imagine trying to keep an office pool trained well enough with UNIX as a reasonably cost effective total desktop system very soon, though. It would be a nightmare to try it for now. It might be even more likely that commercial office "suites" will be in the forefront of UNIX terminal/desktop solutions (MS Excel and Word intra-servers for offices with terminals). One such package is Star Office (German company, then Sun, last I knew). ...wonder how that one's doing? Yet, a few of my acquaintances continue to use Windows systems behind UNIX servers/routers/firewalls. MS stuff is an easier transition from offices/schools.
Security for MS will improve. Hopefully, though, it will improve before too many intrusive, freedom-limiting laws are made regarding the Net.
"...in order to have the timely updates (often before each new attack is devised)"
Hmmm. That's an idea. Is MS putting much effort into trying cracks against its own systems to catch problems before they come from crackers? That's the one most successful method for securing UNIX systems. It wouldn't stop the user neglect side of the problem (leaving unused ports open, not updating, etc., which UNIX systems users also do), but it would be a good step--that, and dumping the spyware they plant in new systems to track customer preferences (leaves holes). ...if they haven't already had customers patch those and close them up.