And anyone who knows what they’re doing would have built in decent safeguards - obviously hindsight is a luxury here, but there’s a reason there’s a whole lot of checking that goes on when others are downloading update content over a hostile network… Input validation is a thing, and all that.

They just weren’t very mature on that front, and now we all got to laugh at them but everyone else made similar mistakes along the way, just most of them started their journey decades ago (thinking windows update, etc), so we forget about the learning curve they suffered through building a resilient process