Windows patching , most do. Patching all apps, almost no one does and this MUST change. "LUCKY" (no kidding, this is the name) malware can exploit ten different vulnerabilities in Windows and Linux server which includes, Windows SMB, JBoss, WebLogic, Tomcat, Apache Struts 2, and Spring Data Commons.

Lucky also is worm-like in behavior and capable of spreading on its own with no human interaction at all

https://www.darkreading.com/threat-intelligence/satan-ransomware-variant-exploits-10-server-side-flaws/d/d-id/1333448