I disagree. If best practices had been followed, the damage would have been minimal.
Even if the initial infection was caused by an infected software update, its spreading mechanism relies on misconfiguration or unpatched software.
> only consider non-proprietary software in future
I'm a big proponent of open source software, but how is this relevant here? Microsoft handled the initial disclosure perfectly and provided patches before the vulnerability was publicly disclosed. By the time this attack happened, the patches had been out for a few months.
I certainly hope that they recover from this, but it's not like that kind of attack is hard to prevent.
Even if the initial infection was caused by an infected software update, its spreading mechanism relies on misconfiguration or unpatched software.
> only consider non-proprietary software in future
I'm a big proponent of open source software, but how is this relevant here? Microsoft handled the initial disclosure perfectly and provided patches before the vulnerability was publicly disclosed. By the time this attack happened, the patches had been out for a few months.
I certainly hope that they recover from this, but it's not like that kind of attack is hard to prevent.