According to Michael Robinson from Cheap SSL Security:
“Patching software defects is a difficult, time-consuming, and exhausting task. It’s also essential for your safety. Malware gangs will try to exploit any software flaws to get access to networks before organizations have had time to test and apply updates. WannaCry is a classic example of what might happen if you don’t patch quickly enough. In 2017, this ransomware caused chaos, causing substantial disruption to the NHS in the United Kingdom.
The underlying Windows Server Message Block protocol exploit that allowed WannaCry to spread so far had been patched several months before the ransomware attack. However, not enough businesses had implemented the remedy, and over 300,000 PCs were infected as a result. Many businesses have yet to learn this lesson: one in every three IT professionals claimed that their company has been hacked as a result of an unpatched vulnerability.”