
Blaster was a worm (self-transmitting and replicating without user interaction). I was in IT when it came out.

XP SP2 had the firewall enabled by default in 2001, which blocked incoming SMB protocol requests and other related ports by default ("file and printer sharing" exception checkbox).

Additionally, a security patch for Blaster was released July 16 2003. Blaster itself showed up August 11 2003, so you had almost an entire month to evaluate the security patch.

So in order to be affected by Blaster they had to 1. enable sharing of folders on client machines (connecting to servers does not require this firewall exception) and 2. fail to apply a security patch for a wormable exploit in a timely fashion.

That's not wide-open, that's (if they have control of client machines) IT department failure to act responsibly.




> That's not wide-open

I remember, around 2003, laptops getting infected just by getting connected to the Internet. It can be appropriate to use the expression «a wide-open door for malware».


1. We were a video game studio with a lot of graphic artists passing around a lot of game assets.

2. I’m pretty sure that I’ve got it wrong and it was Sasser, not Blaster.



