Microsoft has already developed and circulated a security patch to protect Windows' users from the WannaCry virus, the most dangerous and widespread ransomware attack, so far. However, the tech-giant criticized the government and NSA for stockpiling the security flaw information that it found rather than notifying the companies about it and said that the ongoing attack is rather a "wake-up call" for the governments.
The ransomware has so far infected more than 200,000 computers in around 150 countries all across the globe. The attack has even affected hospitals, forcing them to lock down until they paid ransom to the hackers in Bitcoin.
Security experts believe that a second wave of WannaCry attack is very likely to happen.
WannaCry uses a vulnerability in the older version of Windows, which was originally detected by the NSA; however, the American security agency exploited it to hack devices rather than informing the company.
"This attack provides yet another example of why the stockpiling of vulnerabilities by governments is such a problem," wrote Microsoft President Brad Smith in a blog post on Sunday.
"We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world. Repeatedly, exploits in the hands of governments have leaked into the public domain and caused widespread damage," Smith added.
He also stated that there should be held a "Digital Geneva Convention", where governments will have to report all the vulnerabilities that they find, rather than exploiting them.
"We need governments to consider the damage to civilians that comes from hoarding these vulnerabilities and the use of these exploits. This is one reason we called in February for a new "Digital Geneva Convention" to govern these issues, including a new requirement for governments to report vulnerabilities to vendors, rather than stockpile, sell, or exploit them," he said.
Smith also stated that Microsoft had already released a security patch for the said vulnerability but users didn't update it for some reason or the other and now the tech giant is "working around the clock" to protect and help its affected customers. So much so, that the company has even released an update for those versions of Windows which are no longer supported.
