Microsoft Corporation (MSFT) Doesn’t Owe You an Apology

Advertisement

WannaCry - Microsoft Corporation (MSFT) Doesn’t Owe You an Apology

Source: Shutterstock

The big tech story of the past week is WannaCry, which hit last Friday and infected more than 300,000 computers to date with its sickly red screen of ransom.

Microsoft Corporation (MSFT) Doesn't Owe You an Apology

Source: Shutterstock

Infected PCs share two traits: files are encrypted by the malware rending the computers useless until a ransom is paid in Bitcoin, and the computers infected are all running Microsoft Corporation’s (NASDAQ:MSFT) Windows operating system.

The combination has led to considerable anger directed toward MSFT, but the blame is misplaced.

WannaCry Wreaks Havoc

The WannaCry ransomware hit starting on Friday, locking up computers in Europe before beginning to spread globally. Only a lucky break and some sloppy code on the part of the criminals prevented WannaCry from spreading further. But by the time the worst of the attack was over, some 300,000 computers had been affected in 150 countries.

Included in the toll were high-profile targets, including dozens of U.K. hospitals. And while the attack proved minimal stateside, FedEx Corporation (NYSE:FDX) was among those that were infected.

When a computer is hit by WannaCry, its files are encrypted. To regain access, victims have to pay a Bitcoin ransom in the $300 range, then wait for the decryption key to be sent. It soon became evident that WannaCry was able to spread so quickly because it exploited a Microsoft Windows vulnerability. But that’s where things get a little complicated.

That exploit was among those that turned up in a dump from the National Security Administration (NSA). You probably remember the headlines from earlier this year, as WikiLeaks revealed numerous hacking tools employed by the CIA. Same idea: Government agencies look for ways into computers, the exploits are stolen by criminal elements and end up in the wild as malware. In this case: WannaCry.

Placing the Blame on Microsoft

Microsoft learned of the exploit and released a security update to address it on March 14. The problem is that older Windows systems that are no longer supported — notably Windows XP — were not patched. What’s more, some users had turned off Windows Update on new systems, so they never received the patch.

The company quickly released a security update for Windows XP and older systems, despite the fact that they are no longer officially supported. But it didn’t take long for the world to plant a collective finger squarely in Microsoft’s chest.

The New York Times published an opinion piece suggesting that many organizations can’t afford to upgrade to new versions of Windows and that new operating systems like Windows 10 may come with unwanted and confusing new features.

That piece suggests that Microsoft refusing to protect older systems like Windows XP (released in 2001; last updated in 2008; security updates discontinued in 2014) without customers paying for an extended service contract can be “seen as its own form of ransomware.”

The author goes further, suggesting Microsoft should spend some of its $100 billion cash hoard to upgrade users of older software to a newer, more secure operating system.

Stop Blaming Microsoft

With Windows 10, Microsoft is on its fifth major Windows OS version since Windows XP. Security is a big deal in the new operating system and MSFT points out in a blog post responding to the WannaCry crisis that it employs more than 3,500 security engineers. However, an old operating system — especially one as old as Windows XP — is asking for trouble. As MSFT puts it:

“As cybercriminals become more sophisticated, there is simply no way for customers to protect themselves against threats unless they update their systems. Otherwise they’re literally fighting the problems of the present with tools from the past.”

Blaming Microsoft for not immediately offering a free fix for software that is generations old doesn’t make sense. That would be like going after the Ford Motor Company (NYSE:F) to retrofit 2001 Taurus cars still on the road with the latest safety technology at no charge. Yes, MSFT will make money when computer owners upgrade from Windows XP to Windows 10. And PC makers will benefit, too, since many of those older PCs are physically incapable of running Windows 10.

WannaCry has proved, however, that running old equipment long past its expected lifetime can be much more expensive than upgrading. If users choose to hang on to old software, it isn’t Microsoft’s problem to fix.

As of this writing, Brad Moon did not hold a position in any of the aforementioned securities.

Brad Moon has been writing for InvestorPlace.com since 2012. He also writes about stocks for Kiplinger and has been a senior contributor focusing on consumer technology for Forbes since 2015.


Article printed from InvestorPlace Media, https://investorplace.com/2017/05/microsoft-corporation-msft-doesnt-owe-you-an-apology-for-wannacry/.

©2024 InvestorPlace Media, LLC