[EmlynC]

What gets me is why we don't see more viruses that _deliver_ the patch to fix the vulnerability.

It's perhaps a little more difficult as you'd need a vulnerability to keep spreading the innoculation. Arguably, though you release the virus, let it spread and then trigger the innoculation using a mechanism like calling out to a webserver, just as the kill switch worked here.

[adrianN]

You run the risk of jail time without the upside of ransom payments.

[EmlynC]

True, plus, I forget the legislation but you are effectively breaking into the computer first which is a crime. Committing a crime for a noble outcome is still a crime.

Incentives is a real issue here and those that provide the patch would, reasonably, expect a reward i.e. MS for updates, AV provider for testing, finding and securing the vulnerability and a whitehat for disclosure. However, there is no reason why a "charitable" hacking group wouldn't do this as part of some sort of digital vigilantism. Sometimes people do things without extrinsic reward and the thrill here is that it is as hard as cracking, but you get to know that your efforts could be immediately applied.

[marksomnian]

That's an interesting idea: release a virus to cite a virus. Reminds me of the game Uplink, where [spoiler alert] you choose to either help spread a virus to destroy the Internet, or help spread a "counter-virus", hacking large servers to cure them before they're overrun. Digital vigilantism, that's what that is.

[EmlynC]

"Digital vigilantism" that's exactly it.