I got a chuckle out of this - according to the register, an MS employee brought a code red infected laptop to work and attached it to the MS intranet. And yes, there were unpatched servers active there.