Tossing in my 2c worth...
To everyone bashing on MS and the update process, what would you have them do? If they don't force installation of updates, then you get something like WannaCry, people bash them for having an insecure OS and why don't they make is people are forced to keep it up-to-date. If they force the installation of updates (Win10) then when the update install process gets the time to restart wrong, people bash them for forcing updates on them.
When people don't install updates on servers because a reboot is required and that gives malware a foothold, people bash them for a piss-poor update process and updates that break systems (now be honest, when's the last time you had an MS update break a *SERVER* beyond any recovery?)
Could the process be better? Absolutely! I hate having to reboot my servers once a month after updating (and we're required to have all current updates within a couple weeks of release,) but MS is stuck dealing with design decisions made back in the Windows 1.0 days (well, OK, maybe Win95 / NT3.5) Could MS make changes to the OS and how it handles files to enable Linux-style no-reboot updates? Probably, but then they'd likely have to change other parts of how the OS handles things, causing problems (breaking if you prefer) existing applications people use until those get updated, causing yet again people to bash the update process (what do you mean my mission-critical application won't work on Windows Don'tNeedToRebootAfterUpdates unless I buy the newest version from the vendor that supports the changes? That's it we're going to [insert OS of choice] instead!) Linux was able to say from the start "legacy applications? What legacy applications, we're a brand-new OS that no one has ever seen before!" MS is stuck with "Company XYZ who spends the GDP of Bulgaria every couple of years on MS licensing still has to be able to run this application from 1991, so we need to keep in the bits that it requires."
Finally, to anyone saying that MS update process makes them not apply updates because it sucks / is broken / don't want to reboot / whatever. So the update process is standing over you with a gun to your head telling you to not update? YOU are making a conscious choice to not find the time to test and apply those updates.
Frankly, I think Grant had the right of it, it wasn't MS fault WannaCry spread and did as much damage as it did, it was the businesses / end users / sysadmins for not keeping up-to-date on patches and keeping on an OS that is supported. Yes, I realize medical equipment tends to be a special case (you spent $1.5M on an MRI, you're going to keep that think running until it falls apart, and any change requires re-certification with the appropriate certification body,) but even those can be kept more secure (separate, non-internet connected network maybe,) but again, it falls to the user to ensure their own security.