Comment by jon-wood
If you put a product out in the field which can potentially be remotely exploited it’s on you to either patch it when someone does find an exploit or possibly open source everything so others can. If you genuinely can’t support it I guess you could put a self-destruct mechanism in which remotely bricks the device instead, just don’t expect your customers to be happy about it.
... or maybe build a foolproof product that cannot be hacked or attacked. Maybe products that don't get updated loose their access to the internet. And the only way you can get access is through some clamped down application.