Windows 7 is due to reach end of life (EOL) on the 14th January 2020. There are still a very large number of the worlds computers running this software, mostly in corporate environments. Microsoft ended mainstream support in January 2015 with the extended support running till January 2020.
This EOL means no more bug-fixes, security patches or new functionality which makes it significantly more susceptible to malware attacks. Just as it did with Windows XP, Microsoft will continue to offer support for those Windows 7 users still reluctant to upgrade, but it will cost you.
Windows 7 was the version of Windows most widely affected by the WannaCry exploit in 2017. This attack leveraged the EternalBlue vulnerability as an entry point. Windows 7 is still vulnerable to the recently disclosed Bluekeep bug and several other flaws that Microsoft patched in August this year.
How big is the Security Threat?
The longer you use an outdated operating system, the more likely vulnerabilities will appear and become a potential for attacks. If you take the older Windows XP platform, WannaCry infected companies of all sizes and industries around the world. Some companies didn’t realise their operations relied on Windows XP until they were affected. Because of this threat, Microsoft ultimately stepped in and issued an emergency patch for the operating system. Could the same thing happen with Windows 7? It’s likely it will.
What should you do?
Ultimately, this becomes a conversation about risk to your business. It is important to realise that this doesn’t instantly mean unpatched devices will result in a data breach. It means, without ongoing security updates, the number of unpatched vulnerabilities will continue to grow. However, having those vulnerabilities doesn’t mean that your organisation will be attacked.
Ideally, upgrade your machines to Windows 10. If that isn’t possible, ensure that all security patches and hotfixes are applied for your operating system. This isn’t something which you need to jump on top of immediately, but consideration should be given to upgrading. For our current clients, we will provide you with a plan going forward.
Can you extend your Windows 7 support?
In short, yes. Only if you are using Windows 7 Professional or Enterprise (Microsoft Extended Support). Microsoft will allow the users of Windows 7 Professional and Windows 7 Enterprise to extend their Windows 7 security updates through to January 2023. They will of course charge you for this privilege, but it will give your organisation time to plan moving forward with Windows 10.
Presently, the estimate for this is $50.00USD per machine per year, but we are yet to receive a formal price plan. We will update this post once we have some more information.
Update: 9 December 2019
Support for Windows 7 ends on January 14, 2020. While many customers are well on their way to deploying Windows 10, Microsoft understands that everyone is at a different point in the upgrade process. On December 1, 2019, businesses of any size with Windows 7 Professional or Windows 7 Enterprise will be able to purchase Extended Security Updates (ESU) through a Cloud Solution Provider (Network Alliance is a CSP). The Windows 7 ESU will be sold on a per-device basis and the price will increase each year.
The cost for the Windows 7 Extended Security Updates during 2020 is $75.00 ex GST (Update: 14 January 2020 – Pricing is actually $88.00 ex GST per year) for the year. This will increase in 2021 and again in 2022.
More resources about Windows 7 Extended Support can be found below:
- FAQ page from Microsoft: https://support.microsoft.com/en-us/help/4527873/itpro-faq-about-end-of-support-for-windows-7
- Support page: https://docs.microsoft.com/en-us/deployoffice/windows-7-support
Update: 7 January 2020 – PEXA Access
Some of you will start to get emails regarding access to the PEXA platform. PEXA recommend (and rightly so) to upgrade to a supported platform as soon as you practically can. If you are planning to subscribe to the Extended Security Updates then we advise that you notify PEXA of this so that you can ensure a continuity of access to their services. They will not cease to let you use their services. Please note that this applies to Windows 7, Windows Server 2008 and Windows Server 2008R2 as well. If you email firstname.lastname@example.org, and include your company name, contact details and proof of your ESU purchase, then this will ensure you are still able to use their services. For our clients, we will do this on your behalf.
Update: 15 January 2020 – Windows 7 Support Ended
So – the day has come where Windows 7 has retired, but not for all though. Whilst we encourage firms to look to upgrading to Windows 10 as soon as possible, you can continue to get security updates at a cost. Reasons for doing this is that you can’t upgrade do to some software issues, or replacement of all hardware at once is too costly.
A few other things which might be pertinent to you or your firm could be
- Media Center Support
- Privacy Issues
- Forced Windows 10 Updates
- Compatibility Issues
Does this mean the world is going to end? No, absolutely not. What it does mean though, is that you won’t get it for free. For businesses that want to take their time and decide their next step, then you can subscribe to the extended security update plan with Microsoft.