According to washingtonpost.com: Worm Wears A 'Patch' For Disguise
Two year old exploits should not be explotable, but I'm guessing that there are more than a few dupes out there that willl launch this worm into the wild.
If microsoft could make patches that didn't break the system or introduce new bugs people would be more likely to install them.
They also have that nasty EULA that violates HIPAA to ensure "Auto update" doesn't get turned on...
Joe Wilcox posted some insightful comments on the worm situation in his article titled Microsoft Security: It's All About Dry Ice.