Securing business data

News Article

Windows 7 End of Life. What You Should Know...

by Giulia Foss | 28 Jan 2019

shutterstock_80781073

Windows 7 End of Life  – Get Ahead

Many of us have written or read Penetration Testing reports that have identified out of date or unsupported operating systems within a network. Often enough the recipient of the report will be aware of the issues and systems involved and have a plan in place to replace and/or upgrade.

The issue is such plans often take an unexpected amount of time and resource to implement once one begins to dig under the surface of what such an upgrade actually means in terms of stability, security and software support. As a result this can often mean the upgrade actually occurs after the stated end of life date, leaving a network of systems without updates or security patches for an undesirable period of time.

Two weeks ago today marked the 14th January 2019, significant because in exactly one years time support (extended support at that) will end for Windows 7 (SP1), with Windows 8.1 following roughly three years later.

   

OS

Basic Support

Extended Support

Windows 8.1

January 9, 2018

January 10, 2023

Windows 7

January 13,2015

January 14, 2020


   

Basic user support for both has already ended, however many organisations are still likely to be running internal networks based off these two soon to be legacy systems.

What Does This Mean for us?

As Microsoft defines it an end of life / unsupported operating system means the following:

“An unsupported version of Windows will no longer receive software updates from Windows Update. These updates include security updates that can help protect your PC from harmful viruses, spyware, and other malicious software which can steal your personal information. Windows Update also installs the latest software updates to improve the reliability of Windows - such as new drivers for your hardware”

Without the support of the vendor providing much needed security updates this often opens the door for malware to spread with greater ease given known issues are unlikely to be patched helping to prolong the life and effectiveness of known exploitable weaknesses.

What Should we be Doing?

Just now is a golden time to be thinking about the future, planning for the deprecation of a widely used workstation operating system takes time and some careful consideration, start by thinking about the operating system hardware requirements and existing software requirements; does all that bespoke software you have actually run properly on the newer platform? If this is not known, now is the perfect time to start planning and answering these key questions; the last thing you want to do is introduce instability during this process.

There is loads of information out there on planning the next steps, we would advise starting with some of the following sources for more information:

https://support.microoft.com/en-gb/help/13853/windows-lifecycle-fact-sheet

If you end up in a situation where a critical BAU system is affected by lack of support for a newer operating system NCSC have published some guidance on securing systems on a short term only basis, although helpful to buy some more time, it should not be relied upon as a long term solution:

https://www.ncsc.gov.uk/guidance/obsolete-platforms-security-guidance



call us

Get in touch

Talk to our experts today +44 (0) 20 7592 8800

Send us a message

We'll get back to you Send us a message

Connect with us

See what we're saying elsewhere