19 May, 2017
Smith said that Microsoft proposed in February a new "Digital Geneva Convention" that would include a new requirement for governments to report software vulnerabilities to vendors, rather than stockpile, sell or exploit them. Hundreds of thousands of computers were infected with WannaCry ransomware in over 150 countries worldwide over the weekend. It doesn't matter if it is a personal photo or your companies most important excel sheet, if somebody encrypts your data files, it is very hard not to give in and pay the ransom.
Disclosures of intelligence tools used by the US government have periodically contributed to the debate about reforming the vulnerabilities equities process.
If there's anything, Microsoft should indeed be appreciated for their response on the entire issue.
The company on Friday said it had added additional protection against the specific malware, and was working with affected customers.
"When a design flaw is discovered in a vehicle, manufacturers issue a recall".
Every software weakness the NSA (or Central Intelligence Agency, or FBI) decides to use for itself in total secrecy is necessarily one it won't share with a company like Microsoft so that it can write and release a software update to keep its customers safe.
Jonathon Nash, owner, Lake Orion-based Leet LLC, said devices that are most vulnerable are "mostly older" personal computers (PCs) running dated Microsoft operating systems, specifically Windows XP and earlier.
However, proof positive of just how bad the spread of "WannaCry" has been, the company did something it hasn't done in years: released a security patch for Windows XP.
There's a blame game brewing over who's responsible for the global cyberattack.
"The size of the outbreak is indicative of the number of machines out there which have not been patched with security updates". "Users must update the patch MS-17010 provided by Microsoft using the source link http://technet.microsoft.com/en-us/library/security/ms17-010.aspx". Install Microsoft's patch. 3. That could saddle the company with the XP albatross for many years past when it hoped to be free from having to maintain the software. Use a reputable security software to prevent attacks in the future. The longer victims pay, the longer ransomware will continue to grow, or at least that's what leading cyber security firms believe and it's why they advise against it. "That's going to become a more common practice".
ET had on Tuesday reported that many Indian companies after being attacked by WannaCry, had even paid the hackers.
Once malicious software is in the wild, it is commonly reused by hacking groups, especially nation-states trying to leave the fingerprints of another country. Kaspersky Lab says that the majority of affected systems were in Russian Federation.
If you're serious about this "wake-up call", Microsoft, use your dominant market position to find better ways of tackling the security problem.
Shame on Microsoft, says Chris Merriman in The Inquirer.