From my perspective, I don't care what defective operating system a worm
uses.
If a malevolent worm is spreading via a vulnerability in IIS and I can
keep from answering support calls by blocking it at the edge I will. If
one of the 31337 crowd ever catches a clue and launches a worm that
spreads via the OpenSSH vulnerability, I'll block that too. My
objective in blocking is not to bail Microsoft out, my objective is to
make sure the people I work with can accomplish useful work and don't
have to spend days repeatedly explaining how to download a patch and
remove msblast.exe.
For the record, I have two folders that catch Microsoft security
bulletins and Red hat package update notifications. Right now the score
is close at MS 12 vs RH 9.
-e