MS06-040 - Blaster redux? Probably not

The security world is abuzz with the damage potential of one of the security vulnerabilities patched recently by Microsoft. Security bulletin MS06-040 deals with a buffer overflow vulnerability in a service called "Server", which is present and running on Windows 2000, XP and 2003 operating systems. As the bulletin states
"An attacker who successfully exploited the vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

The fear is that it could snowball into a mass-exploitation platform similar to what happened with Blaster, Slammer, CodeRed and Nimda. There is already news of a bot, which exploits this vulnerability to take control of the remote system, and use it as a zombie to launch co-ordinated attacks - most typically distributed denial of service attacks. Here's what Stephen Toulouse had to say at MS's security blog.

But here's why I think this is unlikely to happen, at least at the scale at which it is being hyped up:
1. Security awareness levels are much higher than they were in 2003 and earlier.
2. Most medium and large organizations have patch management systems in place, which would mostly automatically download and push the patches through.
3. On desktop systems, the Windows Automatic Update service, desktop firewalls and updated anti-virus software may combine to significantly mitigate the threat.
4. The security industry has a bit of a natural tendency to over-hype potential vulnerabilities. Recollect the buzz around the WMF vulnerability. Nothing came of it. Plus, we haven't had a really big worm since Blaster, so the scene is getting kind of boring.