I hear from an inside source that they didn't use WSUS as they thought the risk of patches breaking apps was too great. Man, that's a hard way to learn that lesson. The MS patch has only been out since Oct 2008.
The spokesperson is talking in the press about installing a better password regime, although they have a good one already. It can't be very good if conflicker is able to guess passwords that meet the existing standard.
Someone deserves an arse-kicking over this!