I will grant you that, fine. But still it should be someone's responsibility to ensure that those laptops are kept up to date with the latest Microsoft patches. This is not the first time something like this has happened. Seems to me these people are making pretty good money in this economy, they need to start being responsible for keeping their laptops up to date, or there needs to be someone on their case making sure it gets done. This costs companies way too much money to take lightly.
Oh, I agree it IS someone's responsibility, but so many of the people with laptops are entirely clueless when it comes to patching and with recent labor cuts IT doesn't have enough staff to dedicate the manpower necessary to do it. Frankly, it appears most manufacturing firms are quite lax when it comes to security, only finding it important once they're smacked really hard. Oddly enough, Mr. FourPeas' company has already been hit with viruses (what Fortune 500 hasn't), but still doesn't consider it that much of a priority until, of course, some virus/hack/dns starts reaking havoc yet again. As in many large manufacturing companies, the senior VP for IT doesn't have a background in technology. He's comes to IT from manufacturing because he was part of a computerized ERP implementation.
The cost of security, like the cost of quality, is so intangible. If it doesn't appear on the financials, it doesn't matter.