Poll: Microsoft has got off remarkably lightly from WannaCry, as the finger-pointing between Whitehall and NHS trusts began. But that might be beginning to change.
The NHS had 70,000 Windows XP PCs, but only after the ransomware hit did Microsoft issue a patch. Officially, support had ended in 2014, spurring an upgrade cycle.
In a letter to The Times [paywalled, of course], former GCHQ chief Sir David Omand has put the moral responsibility on Microsoft for withdrawing support from Windows XP three years ago, knowing the OS was in frontline use worldwide.
Omand raises the question of whether vendors like Microsoft should continue to secure systems long after their support “expiry date”.
“Should Microsoft have stopped supporting Windows XP so soon, knowing that institutions had invested heavily in it (at the urging of the company at the time)? At least a Windows XP patch for the flaw that allowed the worm to spread so readily has now been issued, but it would have been better if it had been released a month earlier, when the company first became aware of the problem,” he writes.
The withdrawal of security patches is a big stick, perhaps the biggest stick, that Microsoft possesses to oblige customers to upgrade their archaic systems. (Windows XP will be 16 years old in September – that’s an eternity in computing, longer than the time elapsed from the first microprocessor to the launch of OS/2.)
Sympathy for the vendor comes from many who work in health and public sector IT, who blame poor management for mission critical services retaining decrepit and ageing PCs. Microsoft gave the NHS years of notice that support would cease. But isn’t there a social responsibility to maintain even the most inept NHS manager?
An analogy may be vehicles that develop a dangerous defect. Would we excuse the manufacturer and allow unsafe vehicles on the road?
So we’ll throw this open to you. The question is straightforward. Should the government regulate (or legislate) that “unsafe” public services must be patched, and if they are not, place those vendors on a blacklist?
It’s over to you. ®