Countries initially affected by the ransomware attack - Image: Wikipedia

Microsoft is coming under fire once more for its handling of the WannaCrypt ransomware outbreak. Earlier this week, former GCHQ chief David Omand slammed the company, and now the Financial Times has done similarly.

The publication says Microsoft held back a free repair update on Windows XP machines, instead reserving it for customers with custom support contracts. Those agreements cost as much as $1,000 per device per year.
“It should be included in all Windows; it shouldn’t be that you have to pay more for a more secure version of Windows,” said Michael Cherry, an analyst at Directions on Microsoft.

Two Different Camps

However, while some agree with this sentiment, there is an opposing argument. It’s clear that Microsoft does encourage its customers to upgrade to Windows 10, but it’s for a good reason.

The core of Microsoft’s new OS is just more secure than XP, which is 16 years old. Should the firm be expected to support every product until the very end, free of charge? Especially if it’s like duct taping a leaking dam.

In the case of major exploits, the answer isn’t black and white. When the result is global outages, some would argue Microsoft has a responsibility to fix critical vulnerabilities regardless. Others would say the fault is with the companies, who should employ good security practices regardless of cost.

Whatever the case, it’s clear which camp Microsoft is in. Speaking to CNET, a spokesperson said:

“To be clear, Microsoft would prefer that companies upgrade and realize the full benefits of the latest version rather than choose custom support. Security experts agree that the best protection is to be on a modern, up-to-date system that incorporates the latest defense-in-depth innovations. Older systems, even if fully up-to-date, simply lack the latest protections.”

It’s a polarizing issue, and we’d be interested to hear your thoughts in the comments below.