I don't feel it's quite an apt analogy, since anti-vaxxers have fully imaginary fears of adverse consequences (vaccines causing autism), while people who disable Windows Update do it after suffering real adverse consequences of forced updates. A good firewall would protect from WanaCrypt and everything else distributed via opening SMB ports on random IPs over the internet (correct me if I'm wrong), so you should be safe even if you've disabled Windows Update for a legitimate reason. A legitimate reason like "this Windows runs on a medical/factory/etc. device that CANNOT go offline to install updates willy-nilly".
No, unfortunately not - it spread using SMB internally on LANs, but travelled internet-to-LAN by "regular" phishing. It downloads its payload off the internet, but most good firewalls would allow that (was the WannaCry payload detectable by virus scanners at the time of the infection? A "good" firewall might be one expected to intercept and scan all downloads).
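For reference, this is what the host-level "good firewall" control discussed in the two posts above looks like on the Windows device itself: an inbound block on the SMB ports so a worm probing them from another network segment cannot reach the machine, plus a check from a second host. This is an added example, not something posted in the thread. It assumes a Windows version with the NetSecurity cmdlets (Windows 8 / Server 2012 or later) run from an elevated session; the rule names and the `legacy-controller.example.local` hostname are chosen here for illustration.

```powershell
# Added example, not from the thread. Assumes an elevated PowerShell session on a
# Windows host that has the NetSecurity module. Rule names are illustrative.

# 1. Block inbound SMB (TCP 445) and the NetBIOS session service (TCP 139) on every
#    profile, so nothing on the network can open an SMB session to this machine.
New-NetFirewallRule -DisplayName "Block inbound SMB 445" -Direction Inbound `
    -Protocol TCP -LocalPort 445 -Action Block -Profile Any -Enabled True
New-NetFirewallRule -DisplayName "Block inbound NetBIOS 139" -Direction Inbound `
    -Protocol TCP -LocalPort 139 -Action Block -Profile Any -Enabled True

# 2. Verify the rules exist and are enabled; a rule that exists but is disabled
#    protects nothing, and a disabled firewall profile ignores it entirely.
Get-NetFirewallRule -DisplayName "Block inbound *" |
    Select-Object DisplayName, Enabled, Direction, Action, Profile
Get-NetFirewallProfile | Select-Object Name, Enabled

# 3. From a *second* machine on the same LAN, confirm 445 is no longer reachable.
#    $target is an assumed hostname for the device being protected.
$target = "legacy-controller.example.local"
$probe = Test-NetConnection -ComputerName $target -Port 445 -WarningAction SilentlyContinue
if ($probe.TcpTestSucceeded) {
    "TCP 445 still reachable on $target - block rule is not taking effect"
} else {
    "TCP 445 blocked on $target"
}
```

Two caveats a practitioner would want: if the device legitimately serves file shares, a blanket block breaks that and you need a narrower rule scoped with `-RemoteAddress` to the specific peers; and, as the reply above points out, an inbound block does nothing about a payload the machine fetches itself over HTTP, which is a separate control (egress filtering or download scanning).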
> A legitimate reason like "this Windows runs on a medical/factory/etc. device that CANNOT go offline to install updates willy-nilly".
"Cannot go offline" implies that it's operationally critical. If you operate such devices, it is an absolute imperative that you have a procedure for taking them offline regularly for updates (not "willy-nilly" - and anyone using that word about running a two-year-out-of-date OS on a critical device is objectively not qualified to run them - and anyone buying such a device that can't be upgraded isn't qualified to buy them (and anyone making such a device...)).
> If you operate such devices, it is an absolute imperative that you have a procedure for taking them offline regularly for updates
In some contexts that simply isn't a viable strategy. As an extreme example, consider something like an implanted medical device that needs to run 24/7 for the rest of a person's life, which can only be replaced via surgery under hospital conditions, and for which any failure is already a life-threatening event. Of course that kind of device probably isn't going to be running an OS like Windows, but it makes the point. In fact, the USSS has reportedly had the standard wireless update facility disabled in such devices for prominent public figures who might be at risk of being attacked that way.
Some equipment used in hospitals or to run other essential infrastructure might be within the realms of running a "normal" OS like Windows but still be in a position where any time out of service is extremely expensive in one way or another, so routinely disrupting operation to apply updates still isn't acceptable. There are also contexts where the device is regulated and making any change at all requires re-approval -- a legitimate and serious conflict when faced with this kind of security risk if the situation when a regulated device goes out of spec can also be serious.
You need different security strategies for this kind of environment, which rely more on external controls. You can't just say everything must be able to come out of service at frequent intervals for security updates, and you can't just handwash the problem away by calling people who understand the issues "unqualified". It's a far more complicated problem than that, and often there are no completely satisfactory arrangements.
Yes, things are complicated, but airlines manage to routinely take $100m devices out of service for days to months for servicing, so it seems like a bad excuse that a hospital can't plan around taking any given device offline for a few hours every couple of years.
But it's not every couple of years, is it? The patch for the current widespread problem was released just a couple of months ago, and there have been more security patches for other things since then.
Also, those $100m devices aren't in service 24/7/365. No-one takes an airplane out of service in mid-flight to apply a security update.
Sorry, the two years was a reference to Windows XP, of which there were also way too many installs still around (although possibly not on critical devices, but all the more irresponsible to not have upgraded them, then).
> No-one takes an airplane out of service in mid-flight to apply a security update.
On medical devices, where the PC is a terminal or controller for the rest, like RTG or CT machines, you don't get a Windows shell and launch the app. You boot the computer, it boots straight into the control app, and the app actively prevents switching to anything else. You can only use this controller app on the machine.
The folks at hospitals are not going to fight with such an expensive machine, not even for updates - if something goes wrong, they would be to blame, and they can live without that.