In 2017, a ransomware virus named “WannaCrypt” spread from Windows machine to Windows machine, locking users out of their own files and essentially holding their computers hostage. To address the fallout and promote transparency, Microsoft’s president published a blog post detailing what actions that Microsoft took to mitigate this attack’s effects. It clarified that the exploit used to create this virus was first developed by the United States National Security Agency (NSA), and that the NSA notified Microsoft of this vulnerability after the exploit was stolen by an outside party. Although Microsoft issued a patch as soon as possible, many users did not update their computers and were thus vulnerable. Microsoft emphasized their commitment to further improving Microsoft’s security, called upon consumers to update their systems more frequently, and condemned the common practice of governments “stockpiling” vulnerabilities instead of reporting them.
