Re: Great analysis - thanks
So the question is - why have you got several thousand W7 desktops unpatched?
I can think of a couple of reasons. The first isn't that unusual; as many have noticed, even Microsoft, there are always those that plead incapable when it comes to computers. The question here is whether such users should be allowed access; consider that these people can cause all sorts of problems for other users by not being up to the task of handling their system responsibly.
The other is a little more sinister. Since just before the release of Windows 10 there have been increasing amounts of concern about Microsoft's patching habits. The biggest concern has been that Microsoft have spent a lot of time and effort trying to integrate spyware into their products (see the Register article "Mud sticks: Microsoft, Windows 10 and reputational damage") to the extent that some people have stopped patching. While originally it was easy to spot the spyware patches and avoid them, the current regime of rollups makes this all but impossible to do.
So if finger pointing is really necessary, and before we charge headlong into a fit of blaming unpatched users or the people that perpetrated this problem, let us also consider Microsoft's role in this.