New worm & patch expectation

WASHINGTON (CNN) -- A fast-moving computer worm Tuesday attacked computer systems using Microsoft operating systems, shutting down computers in the United States, Germany and Asia.

Among those hit were offices on Capitol Hill, which is in the midst of August recess, and media organizations, including CNN, ABC and The New York Times. The Caterpillar Co. in Peoria, Illinois, reportedly also had problems.

Ok, why does this always seem to happen.  A patch is released and shortly afterwards, a worm shows up which exploits the problem.  Obviously, someone is looking at the exploit or the patch itself.  From one standpoint, Microsoft has put a patch out for this, so its hard to blame them for this.  On the other hand, the patch was relatively new and most organizations would not have had a chance to install it.  I have my systems set to auto-update so I am almost covered, but what about inside an organization?  What should be the expectation of getting a patch installed? 1 month?  3 months?  6 months? 

Wally