A cyber-attack that has hit 150 countries since Friday should be treated by governments around the world as a “wake-up call”, Microsoft says.
It blamed governments for storing data on software vulnerabilities which could then be accessed by hackers.
It says the latest virus exploits a flaw in Microsoft Windows identified by, and stolen from, US intelligence.
There are fears of more “ransomware” attacks as people begin work on Monday, although few have been reported so far.
Many firms have had experts working over the weekend to prevent new infections. The virus took control of users’ files and demanded $300 (£230) payments to restore access.
The spread of the WannaCry ransomware attack slowed over the weekend but the respite might only be brief, experts have said. More than 200,000 computers have been affected so far.
BBC analysis of three accounts linked to the ransom demands suggests about $38,000 (£29,400) had been paid by Monday morning.
However, the ransomware warning said that the cost would double after three days, so the payments may increase. It threatens to delete files within seven days if no payment is made.
The effect in Asian nations so far on Monday has been limited. South Korea said just nine cases of ransomware had been found, giving no further details.
A statement from Microsoft president and chief legal officer Brad Smith on Sunday criticised the way governments store up information about security flaws in computer systems.
“We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world,” he wrote.
He added: “The governments of the world should treat this attack as a wake-up call.”
The organisation also said that many organisations had failed to keep their systems up to date, allowing the virus to spread.
Microsoft said it had released a Windows security update in March to tackle the problem involved in the latest attack, but many users were yet to run it.
Although a temporary fix earlier slowed the infection rate, the attackers had now released a new version of the virus, he said.