General Discussions

elstaci · ‎08-28-2019

Windows 7 end of life: Months from patch cut-off, millions still haven't upgraded

Nearly half of all PCs used in small businesses are running Windows 7 despite Microsoft's January 2020 deadline.

With just under five months until Microsoft stops issuing free patches for Windows 7, millions of PCs are still relying on it, leaving them exposed to new bugs that will probably never be patched.

Microsoft has been nagging Windows 7 users to upgrade to Windows 10 for years now, yet a huge number of consumers and smaller businesses have either resisted those calls or missed them.

Those systems will be easy targets for hackers after January 14, 2020 when Microsoft stops providing free security updates for Windows 7.

According to Russian security firm Kaspersky, some 47% of small to medium-sized businesses are still running Windows 7, while 38% of consumers and 38% of small office/home office PCs are on Windows 7.

Windows 7 was the version of Windows most widely affected by WannaCry, which locked up around 300,000 PCs in May 2017. Without patches Windows 7 will in the future be vulnerable to bugs like the recently disclosed 'wormable' BlueKeep bug and several more that Microsoft patched in August.

In the case of BlueKeep, Microsoft did offer patches for Windows XP even though it's not supported to head off the chance of another WannaCry outbreak.

And it's not just smaller organizations with huge numbers of PCs still on Windows 7. The UK's National Health Service, which was hit hard by WannaCry, admitted in July that it had one million PCs running on Windows 7.

Large enterprises can of course apply for extended support contracts after January 2020, but these will cost at least $25 per device per year.

"The widespread use of Windows 7 is concerning as there is less than six months to go until this version becomes unsupported," said Alexey Pankratov, enterprise solutions manager at Kaspersky.

"The reasons behind the lag in updating an OS vary depending on the software in place, which may be unable to run on the newest OS versions, to economic reasons, and even down to comfortability of routinely using the same OS.

"Nonetheless, an old unpatched OS is a cybersecurity risk and the cost of an incident may be substantially higher than the cost of upgrading. This is why we recommend that customers migrate to supported versions and ensure that additional security tools are in place during the transition period."

With the Windows 7 deadline looming, Microsoft this month launched a program to help smaller companies move to Windows 10. As Computerworld reported, the 'FastTrack Center Benefit for Windows 10' is available for organizations that purchase at least 150 licenses for Office 365 ProPlus or Microsoft 365.

For enterprise and education customers on select agreements, Microsoft is also offering Windows 7 security updates at no extra charge for one year under a special promotion that ends on December 31, 2019.

The Windows 7 offer is available to customers with an Enterprise Agreement (EA) or Enterprise Agreement Subscription (EAS) with active subscriptions to Windows 10 E5, Microsoft 365 E5, and Microsoft 365 E5 Security.

Some 47% of small to medium-sized businesses are still running Windows 7.

Image: Kaspersky

quaglinoman · ‎08-28-2019

Yeah....and these will be the ones on the news complaining about how unfair Ransomware is.....when for years it was offered FREE as an upgrade. No sympathy here if you have not upgraded. In the news many local governments are hit, but have you been to a local city hall or DMV, or see the laptops used in a cop car? Generally Windows XP and at best a non-updated Windows 7 version from say 2010

bearcat22 · ‎08-29-2019

Ransomware can be easily detected by most anti-virus programs. I havn't updated my Win 7 in two years. On purpose. Zero problems. I have all my important data backed up just in case. Installing Windows 10 is like installing a virus and malware. I have no sympathy for people who are running it.

colesdav · ‎08-29-2019

Windows 10 is Ransomware / Spyware. Windows 8.1 is similarly patched now.

hardcoregames_ · ‎08-28-2019

I upgrade to all new versions of Windows, you can upgrade from an OEM machine setup and Windows 10 accepts all windows 7 and above keys

Every machine I own is licensed for Windows 10 and I own a lot of laptops but fewer desktops

colesdav · ‎08-29-2019

I upgraded a number of old laptops to Windows 10 years ago as a test and I have secondary OS Drives for Windows 10 Game testing. Windows 10 has been a support and stability nightmare. No backup and restore method. No privacy. Unfortunately Windows 10 is the only OS AMD really has support for.

I run Linux for anything serious now.

hardcoregames_ · ‎08-29-2019

I use Lenovo laptops and the more recent ones have the serial in the BIOS so I do not even have to paste it in to use it.

All of them have TPM chips so bitlocker works fine. All have much more RAM than they came with.

The finger readers even work with Windows 10.

black_zion · ‎08-29-2019

Not really as serious as it sounds in 2019. Heck, millions of POS terminals and other such equipment are still running XP (or earlier), and it doesn't matter how up to date your OS is if the target vector is Flash or Java, or stand alone malware. Realistically the biggest threats are cryptominers, ransomware, and other such vectors.

And it sure doesn't matter if you run a custom unhackable OS behind enterprise grade malware and intrusion protection if Equifax or Target gets hacked and your personal details revealed, or that phone app you use or public WiFi you connect to is compromised. Remember CamScanner with 100M downloads had to be pulled because third party code used to serve ads in the app contained malware?