OK, faced with the Siemens vulnerability, which could have been anybody else's vulnerability just as easily, what should we do?
I've been accused of being an apologist for vendors, but that's not what I am. As long as end-users are accepting (and many cases, specifying) software that runs on Microsoft Windows and Windows Server versions, these vulnerabilities will show up. I am a realist who's had a career in product marketing, sales, and new product development, and I know from the inside what it is like.
From 'Unfettered Blog'