World wide ransomware cyber attack, this is getting scary.

Worse still the program was originally developed by NSA

The only marginal consolation is only giant institutions and corporations are hit (ransomware is only cost effective on big companies anyway). And from what I understand it could have been avoided if only they had installed the most recent windows security fix

A patch for the vulnerability was released by Microsoft in March, which would have automatically protected those computers with Windows Update enabled.

Source

It appears to be a general worm style attack that will target any system, but has been seeded against larger institutions/businesses as part of its initial targets.

As far as I've seen from reports it will happily go after any system it can get connected with.

Microsoft actually made a patch for Windows XP, because of the how large the attack was.

I could care, but I don't. Government using a proprietary operating system, legacy or updated, is a stupidity that was warned for years, and that would result into something like this.

(cough) Heartbleed (cough)

Proprietary's nothing to do with it.

...while an OS like Windows simply has weak security by default, for "friendliness". Replacing dynamic libraries on Windows by malicious version is pretty easy, files and folders have weak permission system.

You're going to ned to show some evidence that you actually know what you're talking about (rather than e.g. parrotting Slashdot statements from 1998) if you're going to say this kind of thing.

Good. It's all very well saying that people shouldn't be running ancient versions of XP, and that's true, but neither should big companies be shipping software so full of holes that 13 years of updates still haven't secured it.

Not trying to defend bad software but it is difficult (if not impossible) to write software with every use case bug-test scenario, considering how fast evolving third party software can be. For large software test forks possibilities and permutations are just too high and loopholes can't all be known at the time of shipping. Only the real world could fully test your software

Thats not to say bad software that could have be written better don't exist (there are plenty of them), but the judgement criteria is not as simplistic as saying "there are holes in the OS after 13 years - thats bad"