Less than one year of support remains for aging OS

With less than a year to go until Windows 7 runs out of support, many organization are still firmly rooted on the soon-to-be-obsolete platform.

As many as 43% of enterprises are still running the outdated operating system, according to a recent survey of 1,000 IT professionals in the US and UK by video distribution firm Kollective.

Even worse, 16% of IT professionals admit there still some Windows XP and Windows Vista on their corporate networks – more than three years after support for these operating systems went dark.

Microsoft ended mainstream support for Windows 7 back in January 2015. Extended support will run until January 14, 2020.

From early next year onwards, Redmond will no longer be supplying security updates for Windows 7 outside of costly extended support packages to the largest organizations.

Microsoft’s message to businesses is clear: upgrade to Windows 10, upgrade your hardware, and move onto a new PC if necessary.

Windows as a Service

The current situation with Windows 7 edging ever closer to obsolescence is comparable to what happened when Microsoft ended support for Windows XP, back in 2014, according to Kollective.

“While many businesses are better prepared for the end of Windows 7 than they were for the end of Windows XP, the move to the new Windows 10 operating system does come with its own set of challenges,” it said.

“One of the key concerns for businesses is the introduction of ‘as a service’ updates. Windows as a Service will mean that IT managers must update their operating systems far more regularly, rather than waiting for a mass migration once every few years.

“This means more testing, more roll outs, and ultimately, more opportunities for systems to fall out of date, opening enterprises up to massive exposure.”

Kollective's ‘Death of Windows 7’ report can be downloaded here (registration required).

Time to migrate

Security practitioner Rob VandenBrink warned that remaining on Windows 7 leads to an increased risk of malware infestation.

“The difference I’m seeing between companies that run Windows 10 / Office 2016, and companies that run Windows 7 and older versions of office is a significant difference in rates of malware infection,” VandenBrink said.

It’s high time to start any migration from Windows 7 project, VandenBrink advised in a post on the SANS Institute’s Internet Storm Center blog.

“Maybe start your project by updating machines as a standard first response to malware incident response? Or make the decision that it’s better for the business to pay for updates, as opposed to paying ransomware (and maybe not even getting what you pay for in that case)?”

Windows 7 is not the only technology Microsoft is preparing to put out to pasture. Windows Server 2008/R2 support will also expire this time next year, as UK enterprise security guru Kevin Beaumont pointed out.

“It’s gonna be kind of interesting as an enormous amount of orgs are going to go out of support to a large degree of their estate,” Beaumont said on Twitter. “I think it’s a commercial opportunity for security providers.”

He added: “Most of the NHS is Windows 7/2008, the MET police just completed Windows 8.1 migration, the NCA just completed Windows 7 migration, etc. I think there’s probably mileage in commercial ‘managed afterlife services’ for ghost IT.”