How long does it take to apply updates for detecting attacks like WannaCry?
Since vulnerabilities are maintained generically and reported in advance, no special signature is required for attacks like WannaCry. For example, a warning level is set immediately as soon as the support for a particular operating system expires. Furthermore, control communications (which occur during the enlargement of such attacks) are recognized by generic patterns. This includes botnets or command-and-control connections.
Thus, current vulnerabilities and problems are continuously added into the system, which eliminates the need for a long update process.