An anonymous reader shares Engadget’s report about Microsoft’s response to the massive WanaDecrypt0r ransomware attack:
Company president Brad Smith has posted a response to the attack that roasts the NSA, CIA and other intelligence agencies for hogging security vulnerabilities instead of disclosing them to be fixed. There’s an “emerging pattern” of these stockpiles leaking out, he says, and they cause “widespread damage” when that happens. He goes so far as to liken it to a physical weapons leak — it’s as if the US military had “some of its Tomahawk missiles stolen”… Microsoft had already floated the concept of a “Digital Geneva Convention” that required governments to report security holes, but the idea has gained a new sense of urgency in light of the recent ransomware chaos… While Microsoft makes its own efforts by rushing out patches and sharing concerns with other companies, it also chastises customers who could have closed the WannaCry hole two months earlier but didn’t.
BrianFagioli shared a BetaNews article arguing Microsoft “should absolutely not shoulder any of the responsibility. After all, the vulnerability that led to the disaster was patched back in March.” But troublemaker_23 notes that ITwire still faults Microsoft for not planning ahead, since in February 150 million people were still using Windows XP.
Read more of this story at Slashdot.
https://slashdot.org/slashdot-it.pl?op=discuss&id=10610467&smallembed=1