June 06, 2017

"WannaCry" ported to Windows 10

Remember when WannaCry was making the rounds, and Microsoft's apologists were taking advantage of that to scare reluctant WinXP and Win7 users into switching to Windows 10? Well, it turns out that Windows 10 may not be as safe as all that, after all, because the same exploit that WannaCry... exploits also works on Windows 10. Oops!

From Threatpost:
The NSA’s EternalBlue exploit has been ported to Windows 10 by white hats, meaning that every unpatched version of the Microsoft operating system back to Windows XP—and likely earlier—can be affected by one of the most powerful attacks ever made public.
Researchers at RiskSense, among the first to analyze EternalBlue, its DoublePulsar backdoor payload, and the NSA’s Fuzzbunch platform (think: Metasploit), said they would not release the source code for the Windows 10 port for some time, if ever. The proof of concept has been in the works since the ShadowBrokers’ April leak of Equation Group offensive hacking tools targeting Windows XP and Windows 7, as well as the development of a Metasploit module based on EternalBlue released two days after the WannaCry attacks. The best defense against EternalBlue, researchers maintain, is to apply the MS17-010 update provided in March by Microsoft.
So, it seems that the only advantages that Windows 10 provided were: (a) that not enough users had switched to Windows 10 for black hat hackers to bother targeting it, and (b) Windows 10 users have no control over Windows Update, which means that they were updated in spite of themselves...which is something of a mixed blessing.

This is part of the problem that Microsoft have when pitching Windows 10's alleged security superiority over Windows 7. Redmond had spent years working to convince Windows users that their OS was every bit as safe as any other OS on the market; Linux and MacOS may have been targeted by fewer attacks and exploits, but that was just because Windows was so much more popular than they were. Well, guess what? That worked. And now Windows 7 users aren't buying it, when Microsoft try to convince them that safe-as-houses Windows 7 is full of fatal flaws.

That's the catch-22, the cleft stick in which Microsoft find themselves. If Microsoft were telling the truth before, then Windows 7 is basically as safe as any other OS, and users have no reason to believe Microsoft's recent scare-mongering. On the other hand, if Microsoft were lying before, then Windows has never been safe, and users would always have been better served by switching to Linux, because why would Microsoft be any more trustworthy on the subject now, when they have a vested material interest in lying to us? Having spent two years eroding users' trust with their abusive GWX shenanigans, intrusive "privacy" policies, and monopolistic bullshit, Microsoft's customers simply aren't willing to listen as they WannaCry wolf.

GG, Microsoft. Good job.