Blah blah blah.<p>Back in 2002 Billy tried to interest Microsoft in Trustworthy Computing. <a href="http://www.zdnet.com/article/10-years-since-the-bill-gates-security-memo-a-personal-journey/" rel="nofollow">http://www.zdnet.com/article/10-years-since-the-bill-gates-s...</a> It's now 2016 and they're still "trying" to figure it out.<p>Microsoft has a market cap of $465 billion. They currently have $136 billion in cash. Their ongoing security failures don't seem to have affected them all that much.<p>Their ongoing efforts remind me of the classic Far Side cartoon <a href="http://adventuresinsidewaysliving.blogspot.com/2008/08/farside-quick-hits-merl-post.html" rel="nofollow">http://adventuresinsidewaysliving.blogspot.com/2008/08/farsi...</a>
<i>Knowing how it could change the life of canines everywhere, the dog scientists struggled diligently to understand the Doorknob Principle</i><p>I will grant them one thing. IMO it's impossible to defend against spear-phishing. I don't think <i>anyone</i> will ever solve that one. Can't overcome human nature: "Oh look, cute cat GIFs!".
The short version:<p><i>"To address these types of sophisticated attacks, Microsoft recommends that all customers upgrade to Windows 10, the most secure operating system we’ve ever built, complete with advanced protection for consumers and enterprises at every layer of the security stack."</i>
Once a vulnerability is being actively exploited it makes sense to disclose it to the public even if a fix is unavailable. Doing so gives users the chance to protect themselves by changing their behavior until updates become available.