2017-21. Here's another epistle that I wrote years ago but never got around to uploading. Perhaps I shouldn't be so harsh about Microsoft's incompetence.
May 15, 2017. There's a global crisis with a type of ransomware affecting recallable Windows computers with defects that need to be repaired immediately. It's shut down everything from British hospitals to FedEx. It's because of a product defect in Windows. But a product liability suit probably wouldn't go anywhere. Microsoft has managed to convince everyone to blame the end-users for running old and/or unpatched systems.
In any other product line, no matter how old, if a defect that could cause harm was found, there'd be a recall and the company would be compelled to offer free repairs. Microsoft somehow convinced everyone that they're different and don't have to do this. Instead, they summarily declare 'end of life' and after that let known defects go unaddressed even when they have a fix available. The only way out is to (1) buy their latest system, or (2) pay an exorbitant price to buy critical security patches for older systems. Now that is ransomware, measured in billions of dollars, with the entire world held hostage.
Even people running systems still in support and set up for automatic updates may find they are unprotected. I recently was given a Windows laptop still in support. After reading about the latest scourge, I thought it might be prudent to go find the 'Windows Update' program and verify that this latest supercritical patch was installed.
Where is Windows Update? It took me over 20 minutes to find Windows Update. It wasn't on the Desktop. It wasn't found in Windows Explorer. It wasn't found in Internet Explorer. It wasn't listed at the top level of the start menu (you know, the button you click to stop the computer). I finally found it hidden under a sublevel: start, Control Panel, Security.
Do automatic updates work? They were enabled, every day at 3:00 A.M. But it said the last update was applied on June 20, 2014. Surely that couldn't be right. So I thought I'd better click the button to refresh the information. This rewarded me with the message that the Windows Update service was not running and I might have to reboot. Rebooting, of course, changed nothing. After futzing with this for another half hour, I wondered if it's possible that when scheduled updates are enabled, you can't do a manual one. I turned them off, despite the warnings that this is not recommended. Bingo! Turning off the automatic updates was necessary to start the update process. How typically Microsoft.
How long does the updating take? I kept wondering if the PC was frozen -- after more than half an hour, it becomes doubtful, but the disk light kept blinking, so I watched a Sherlock Holmes. Eventually, I was advised that there were 131 updates totaling over a gigabyte in size. That would be quite impossible on a dial-up connection. There must be enough critical 'patches' to reach from here to Alpha Centauri. I allowed the process to proceed and watched another Holmes. It was well after midnight before the update was completed. But at least it did complete. One hopes that the updates included the no-ransomware update. But given this record of years with no updates at all despite the 'automatic' setting, I shouldn't count on it.
Why didn't the automatic update work? The only thing I can think of is that it was reasonably set to 3:00 A.M. Who would choose to set them to happen in the middle of the workday? But could anyone even imagine that you need to set an alarm clock for 2:55 a.m. to go in and open up the lid and make sure the laptop is online so that the 'automatic' update would take place?
Unusually, Microsoft did release a patch for Windows XP. But you have to apply it manually. You can download it from blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/ and let it run -- provided that you're not already infected.
This infection isn't the end user's fault -- it's a product defect. And it's causing massive harm. Microsoft had patches available to stop it even on older systems but affirmatively chose not to release those patches to the public until they allowed that harm to begin. And even if you have a supported system, you can't be sure you're protected. You had better well check. Do it now.