Hey, it's not that easy. One guy has over 100 Windows servers. He's installed the patch on all of them already buy not rebooted them all to have it take effect. Rebooting things ends services that may be mission critical. He's had about 2 weeks to take care of 100 servers and maybe 1000 workstations. Having done all that the network is still somewhat vulnerable to people docking inside the firewall who are infected. Really bad virus's are not simple to defeat. I therefore disagree with you assertion that the mere infection of a computer is a reasonable cause for termination of the sysadmin responsible for it.