Microsoft should be applauded for its response to the WannaCrypt crisis
I’ve certainly been highly critical of Microsoft in the past, particularly last year when the company began forcing Windows 10 on to users.
But in the past couple of days I have to admit that I’ve been impressed by the software giant’s response to the global WannaCrypt/WannaCry crisis, and not just in patching Windows XP.
Issuing a security patch for XP, three years after it stopped supporting it, was absolutely the right thing for Microsoft to do, and it did it without question, explaining how "helping those affected needs to be our most immediate priority."
In the past, Microsoft has taken every opportunity to push Windows 10, but here it hasn’t.
Brad Smith, Microsoft's president and chief legal officer, says:
As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems. Otherwise they’re literally fighting the problems of the present with tools from the past.
I would have expected Microsoft to take the opportunity to slip in a message about how upgrading to Windows 10 would have kept those affected safe from the threat -- after all, systems running Windows 10 aren’t at risk from WannaCrypt -- but to its credit it hasn’t.
Given that this is the company that last year snuck a Windows 10 advert into an Internet Explorer security patch, its response to the global crisis has been to look at the broader picture and consider how collective action can keep us all safe, rather than taking the opportunity to flog its new operating system.
WannaCrypt is the perfect example of why users and companies need to run a more modern/supported version of Windows, and keep it up to date, but Microsoft hasn’t chosen to capitalize on that, preferring instead to let users come to their own conclusions.
Businesses, especially cash strapped ones like health services, often prioritize other things over software and security -- some five percent of UK's NHS systems still run Windows XP -- and Microsoft has wisely realized that shouting "upgrade to Windows 10!" would be neither welcome, nor helpful.
More action is needed, and it’s needed now. In this sense, the WannaCrypt attack is a wake-up call for all of us. We recognize our responsibility to help answer this call, and Microsoft is committed to doing its part.
It will be interesting to see if those thoughtful words translate into helpful actions once the WannaCrypt threat begins to die down, and if Microsoft can find a way to help those users stuck on Windows XP to finally move on.