Microsoft commented that anyone with a free anti-virus and had kept their system updated would be protected from the attack soooooo, what were the IT "specialists/technicians" doing in leaving systems unprotected?

There are people employed to "maintain" systems so what were they playing at leaving such systems open to attack.