"The chaos surprised many security watchers because Microsoft issued an update in March that patched the underlying vulnerability in Windows 7 and most other supported versions of Windows. (Windows 10 was never vulnerable.)"

source: https://arstechnica.co.uk/security/2017/05/wcry-microsoft-is...

So I don't really know what you mean by 'hoarding the fix'. The patch was not initially released to some OS versions because they are NO LONGER supported.

The "$$$ extended support agreements" funded the development of those fixes. Why would anyone pay the agreements if Microsoft just developed and released those fixes for free? If organisations are stupid enough to lock themselves in to 16-year-old software and create more work for Microsoft I'd say they were well within their rights to charge.

maybe they were testing them?