Re: heres 2 right off the bat.
I'm struggling to think of any reason any user would need to download a .exe
Because IT departments are bound by the same network policies and need to. What we do instead is scan everything and restrict non-admins from running them.
Lets be clear, Wannacry did not happen because some Doctor, Nurse, Physiotherapist or whatever decided to run COOLPICTURES.JPG.EXE whilst logged into their Windows XP system.
It happened because undermanned IT departments in underfunded hospitals took too long to test patches and software updates. As others here have said, it wasn't because they were all running XP either. Infact, if the NHS had been all XP, it might have escaped relatively unharmed since many trusts have reported that their XP machines were not infected at all.
Give us the money and personnell to do it and it will be done.
Biting the hand that feeds IT
