Windows 7 and Server 2008 end of support: What will change on 14 January?

Businesses have many options, but with 25% of Windows users still on 7, security is a worry

It is remarkable that Windows 7 is reaching end of support on January 14 2020 while maintaining something approaching 27 per cent market share among Windows users, according to Statcounter.

This is down from 35 per cent in December 2018 but still substantial. Windows has a share among desktop users of around 77 per cent, so that is around 20 per cent of active desktop PCs.

"End of support" means no technical support, software updates or security fixes from Microsoft. Of these, the significant piece is the security fixes. Without regular patches, flaws that are discovered in the operating system will put users at greater risk from things like ransomware attacks, perhaps triggered by an email attachment or malicious web link.

Windows Server 2008 and 2008 R2 also go out of support on the same day. Although it is less likely that users will be browsing the web or clicking attachments on Server 2008, it is still risky if these servers are exposed to the internet – as appears to be the case with Travelex, currently suffering a ransomware attack – or if they are used for remote desktop services.

To be clear: Windows 7 and Server 2008 will get security patches, if needed, on January 14 as usual for Patch Tuesday; it's after that date that things will be different.

Another curious feature of this "end of support" is that Microsoft will still be providing security updates for both operating systems, for three further years. So the real end of support date is in 2023. That said, you can only get these "extended security updates", or ESU, in certain ways:

  • Windows Virtual Desktop (WVD) users get free ESU until January, 2023
  • You can purchase Windows 7 ESU by subscription from Microsoft Cloud Solution Providers, which means most IT support companies signed up as authorised Microsoft suppliers.
  • Windows 7 ESU is free for a year to customers who subscribe to Windows E5 or Microsoft 365 E5. Details are here
  • Only Windows 7 Professional and Enterprise are covered by ESU.
  • Windows 7 embedded can be supported through an "Ecosystem Partner Offering" support contract.
  • The scenario for Windows Server 2008 ESU is similar to that for Windows 7.

If you read the FAQ for Windows 7 ESU and the documentation for Server 2008 and 2008 R2, it is apparent that this works through the normal Windows update mechanisms – including Windows Server Update Services [WSUS], widely used in businesses – but that after January 14th, the update service will look for an ESU activation key, which must be renewed each year. On Azure or WVD, the activation key appears not to be necessary.

It would therefore be just as accurate to say that Microsoft is blocking security updates for Windows 7 and Server 2008 after January 14th for most users, as that it is enabling them for select customers.

Although it is not unreasonable for Microsoft to stop updating a decade-old iteration of Windows, there is no doubt that the company is also using this as a marketing opportunity. A booklet on "Preparing for Windows Server end of support" turns out to be mostly marketing for Azure rather than technical help. "Take the opportunity to transform," it says. Ahem.

Microsoft's eBook about Server 2008 end of support is full of marketing for Azure

Microsoft's eBook about Server 2008 end of support is full of marketing for Azure

Why are so many old versions of Windows still in use?

Windows 7 is a special case, since it is the last of its line before the upheaval that was Windows 8. Even in Windows 10 today, you can assign inconsistency between Microsoft's old and new approaches to the operating system. Windows 7 is in some ways more coherent, despite its age.

The reality in business, though, is more to do with inertia and application compatibility. Users who spend most of their time in, say, Google Chrome, Microsoft Office, and some custom internal applications, may find the benefits of upgrading to Windows 10 hard to see, while the cost of change is considerable.

What about the cost of not upgrading? "The threat is very simple to understand. If you continue to run Windows 7 in your organisation after next week you are putting your company, its staff, and data at risk because there simply won't be any more security patches made available … of course, many folks *will* continue to use Windows 7, presenting opportunities galore for criminals to take advantage of poorly secured systems," security professional Graham Cluley told The Register.

There is a degree of artificiality about this key "end of support" date and ways to keep old stuff patched, but the security risks are real. ®

Similar topics

Other stories you might like

  • North Korea pulled in $400m in cryptocurrency heists last year – report

    Plus: FIFA 22 players lose their identity and Texas gets phony QR codes

    In brief Thieves operating for the North Korean government made off with almost $400m in digicash last year in a concerted attack to steal and launder as much currency as they could.

    A report from blockchain biz Chainalysis found that attackers were going after investment houses and currency exchanges in a bid to purloin funds and send them back to the Glorious Leader's coffers. They then use mixing software to make masses of micropayments to new wallets, before consolidating them all again into a new account and moving the funds.

    Bitcoin used to be a top target but Ether is now the most stolen currency, say the researchers, accounting for 58 per cent of the funds filched. Bitcoin accounted for just 20 per cent, a fall of more than 50 per cent since 2019 - although part of the reason might be that they are now so valuable people are taking more care with them.

    Continue reading
  • Tesla Full Self-Driving videos prompt California's DMV to rethink policy on accidents

    Plus: AI systems can identify different chess players by their moves and more

    In brief California’s Department of Motor Vehicles said it’s “revisiting” its opinion of whether Tesla’s so-called Full Self-Driving feature needs more oversight after a series of videos demonstrate how the technology can be dangerous.

    “Recent software updates, videos showing dangerous use of that technology, open investigations by the National Highway Traffic Safety Administration, and the opinions of other experts in this space,” have made the DMV think twice about Tesla, according to a letter sent to California’s Senator Lena Gonzalez (D-Long Beach), chair of the Senate’s transportation committee, and first reported by the LA Times.

    Tesla isn’t required to report the number of crashes to California’s DMV unlike other self-driving car companies like Waymo or Cruise because it operates at lower levels of autonomy and requires human supervision. But that may change after videos like drivers having to take over to avoid accidentally swerving into pedestrians crossing the road or failing to detect a truck in the middle of the road continue circulating.

    Continue reading
  • Alien life on Super-Earth can survive longer than us due to long-lasting protection from cosmic rays

    Laser experiments show their magnetic fields shielding their surfaces from radiation last longer

    Life on Super-Earths may have more time to develop and evolve, thanks to their long-lasting magnetic fields protecting them against harmful cosmic rays, according to new research published in Science.

    Space is a hazardous environment. Streams of charged particles traveling at the speed of light, ejected from stars and distant galaxies, bombard planets. The intense radiation can strip atmospheres and cause oceans on planetary surfaces to dry up over time, leaving them arid and incapable of supporting habitable life. Cosmic rays, however, are deflected away from Earth, however, since it’s shielded by its magnetic field.

    Now, a team of researchers led by the Lawrence Livermore National Laboratory (LLNL) believe that Super-Earths - planets that are more massive than Earth but less than Neptune - may have magnetic fields too. Their defensive bubbles, in fact, are estimated to stay intact for longer than the one around Earth, meaning life on their surfaces will have more time to develop and survive.

    Continue reading

Biting the hand that feeds IT © 1998–2022