In response to the January 26 story by Robert Lemos, "":
I am honestly not in a position to make a blanket comment. I just know that every system administrator I know is not quick to rush into patches--and, I should note, this is not unique to Microsoft (problems).
Novell has released its share of service packs that have caused more problems than they solved. I run a mostly Novell shop, and one of my main reasons for avoiding NT platforms is the much larger group of people trying to hack Microsoft stuff, coupled with a mistrust of emergency patches.
I guess the word lazy just struck a nerve with me, because so many non-sys admins don't understand what we really do and the logic behind applying, or not applying, upgrades and patches. Many times, we are fearful that a patch will just blow up in our faces, and, especially in my area (K-12 schools), we are so understaffed that something like this can cripple us.
In the case of the new SQL worm, my tactic was to limit UDP (user datagram protocol) on the server, rather than patch. That way it is blocked, and I have time to let someone else be the guinea pig as to whether the patch 'works' or not.