Microsoft’s Legal department rides out to defend their brand by blaming the NSA for stockpiling vulnerabilities and not reporting them.
Its a good strategy. The NSA can’t fight back and already have a poor reputation after being bashed in the media for a while now.
But Microsoft’s consistently poor security record for more than two decades will make it difficult to get that to stick.
Sure, customers are at fault for not patching or upgrading to the latest software. But Microsoft has consistently done everything to prevent this with high prices, unreliable (forced) upgrades, unreliable products and an update process that is so complex and costly that its impractical to execute.
Blame goes both ways and Microsoft should shoulder their share.
Link: The need for urgent collective action to keep people safe online: Lessons from last week’s cyberattack – Microsoft on the Issues – https://blogs.microsoft.com/on-the-issues/2017/05/14/need-urgent-collective-action-keep-people-safe-online-lessons-last-weeks-cyberattack/