Conficker -- the malicious worm expected to activate today -- did not cause widespread computer meltdowns around the globe.

But considering that Microsoft patched the flaw five months ago, it's not clear why Conficker ever became a concern to begin with.

So why was it an issue -- and will it be an issue again?

The rise of Conficker, as an event and as a media phenomenon, has as much to do with user inaction as it does with the actual threat posed by the worm itself. The Conficker worm is proof positive of the fact that despite security updates and media reports, users can be the weak link in the security ecosystem unless motivated to action.

"Unfortunately the majority of the work that we are doing now is unnecessary if we had reacted quicker in the first place, patching immediately after the fix was released," Wolfgang Kandek, Qualys's CTO, told InternetNews.com. "The delay in applying the patch has lead to this widespread problem with millions of machines infected, and is something that we, the industry and the users, have to address."

Fortunately, while many users didn't patch for Conficker early on, all the media hype surrounding the April 1 activation date may have had a positive impact on mitigating risk.