Half of Windows Server 2003 fans will miss July's security cut-off

Please, sir, can we have a Custom Support Agreement?

More than half of companies are now expected to miss the deadline to quit Windows Server 2003 before Microsoft’s 14 July end-of-extended-support cut-off point.

Many will seek security cover through Microsoft Custom Support Agreements (CSAs) charged at $600 per server, or reckon on having in place their own plans for coping.

Firms in the normally risk-averse financial services sector feature highly among those who will shoot past the July date. Many of these — nearly half — will sign CSAs.

The findings come courtesy of Microsoft consultant and SI partner Avanade, which surveyed 100 companies on their state of Windows Server 2003 migrations.

Avanade in November estimates just a fifth would miss the July date.

It's just two weeks until Windows Server 2003 — released 12 years ago — slips out of extended support and Microsoft no longer releases security fixes.

That means, no new patches from engineers at Redmond to cover new vulnerabilities or hacks discovered or written.

Avanade said 51 per cent will run past the 14 July cut-off date. Twenty seven per cent will miss it by more than three months, and 24 per cent by more than a year.

A fifth in each of the categories of financial services, retail, distribution and transport, and of “other commercial” all accepted the risk, but are OK with it.

Manufacturing seemed less sure – eight per cent are comfortable with the risk.

The reason for companies' apparently relaxed attitude is split. Forty per cent of financial services firms planned on signing a CSA with Microsoft, compared with 28 per cent in manufacturing, 24 per cent in retail, distribution and transport, and 20 per cent in “other” commercial.

CSAs will see Microsoft continue to deliver new patches for customers who take out a deal. But CSAs are not an option for all: they're only available for Microsoft Premier customers, for a fee of $600 per machine — and only “as a last resort option to help bridge the gap during large and complex migrations,” a Microsoft spokesperson told The Reg.

Microsoft offered CSAs to Windows XP hold-outs after the end of extended support in April 2014, but it's being less generous with Windows Server 2003.

Windows XP CSAs could run year-on-year for up to three years, doubling in price each year - but Windows Server 2003 CSAs are limited, according to Avanade.

Paul Veitch, Avanade head of application development and UK cloud lead, said the fact Microsoft had offered CSAs for Windows XP after telling people there’d be no additional support, and that they simply had to migrate, had given the wrong impression, essentially that Microsoft had been holding out and then that crumbled.

Other stories you might like

  • GPL legal battle: Vizio told by judge it will have to answer breach-of-contract claims
    Fine-print crucially deemed contractual agreement as well as copyright license in smartTV source-code case

    The Software Freedom Conservancy (SFC) has won a significant legal victory in its ongoing effort to force Vizio to publish the source code of its SmartCast TV software, which is said to contain GPLv2 and LGPLv2.1 copyleft-licensed components.

    SFC sued Vizio, claiming it was in breach of contract by failing to obey the terms of the GPLv2 and LGPLv2.1 licenses that require source code to be made public when certain conditions are met, and sought declaratory relief on behalf of Vizio TV owners. SFC wanted its breach-of-contract arguments to be heard by the Orange County Superior Court in California, though Vizio kicked the matter up to the district court level in central California where it hoped to avoid the contract issue and defend its corner using just federal copyright law.

    On Friday, Federal District Judge Josephine Staton sided with SFC and granted its motion to send its lawsuit back to superior court. To do so, Judge Staton had to decide whether or not the federal Copyright Act preempted the SFC's breach-of-contract allegations; in the end, she decided it didn't.

    Continue reading
  • US brings first-of-its-kind criminal charges of Bitcoin-based sanctions-busting
    Citizen allegedly moved $10m-plus in BTC into banned nation

    US prosecutors have accused an American citizen of illegally funneling more than $10 million in Bitcoin into an economically sanctioned country.

    It's said the resulting criminal charges of sanctions busting through the use of cryptocurrency are the first of their kind to be brought in the US.

    Under the United States' International Emergency Economic Powers Act (IEEA), it is illegal for a citizen or institution within the US to transfer funds, directly or indirectly, to a sanctioned country, such as Iran, Cuba, North Korea, or Russia. If there is evidence the IEEA was willfully violated, a criminal case should follow. If an individual or financial exchange was unwittingly involved in evading sanctions, they may be subject to civil action. 

    Continue reading
  • Meta hires network chip guru from Intel: What does this mean for future silicon?
    Why be a customer when you can develop your own custom semiconductors

    Analysis Here's something that should raise eyebrows in the datacenter world: Facebook parent company Meta has hired a veteran networking chip engineer from Intel to lead silicon design efforts in the internet giant's infrastructure hardware engineering group.

    Jon Dama started as director of silicon in May for Meta's infrastructure hardware group, a role that has him "responsible for several design teams innovating the datacenter for scale," according to his LinkedIn profile. In a blurb, Dama indicated that a team is already in place at Meta, and he hopes to "scale the next several doublings of data processing" with them.

    Though we couldn't confirm it, we think it's likely that Dama is reporting to Alexis Bjorlin, Meta's vice president of infrastructure hardware who previously worked with Dama when she was general manager of Intel's Connectivity group before serving a two-year stint at Broadcom.

    Continue reading

Biting the hand that feeds IT © 1998–2022