Advice Request The Windows 7 Postmortem: What’s at Stake


Gandalf_The_Grey

Nearly a quarter of endpoints still run Windows 7, even though support and security patches have ended.

In January 2020, Microsoft officially ended its extended support and discontinued patching of Windows 7. Despite the long lead time and repeated reminders, numbers since the COVID-19 pandemic have shown a slight uptick in Windows 7 deployments. The recent estimates show that more than 26 percent of endpoints were still running Windows 7 as of March, most likely due to organizations deploying older machines to support suddenly remote workers.
While organizations will never fully be protected from vulnerabilities found after end-of-life (EOL), there are steps to mitigate threats and minimize the damage actors can do as much as possible, while security and IT teams work towards a system upgrade.
  • IT and security teams need to come together and establish an audit of services and hardware connected to the network, creating a full picture of every device, status, upgrading capability and other factors.
  • Minimize your attack surface by keeping all third-party software updated. While the core OS will not be supported, updates to software such as Firefox and Chrome will still be distributed. Apply all available patches as soon as possible to close that window of attack and minimize the attack surface.
  • Segment your vulnerable devices on the network as much as possible. This will help contain the threat and greatly aid in remediation.
  • Disable services that are often taken advantage of by attackers, such as RDP and SMB on Windows 7 devices.
While the above solutions may provide a temporary stopgap, it’s simply not worth the risk to avoid an upgrade. Given that the average time to weaponize a new bug is seven days, IT and SecOps teams have 72 hours to harden systems before malicious players weaponize the exposed vulnerabilities. The use of Windows 7 after EOL without paid extended support leaves any organization at risk and unable to meet the 24/72 Mean Time to Hardening threshold. This increased risk increases the attack surface and leaves infrastructure vulnerable to attack. Ultimately, keeping the digital landscape up to date helps enterprises of all sizes be a smaller target for malicious threats.
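The four stopgaps in the post above (inventory, third-party patch status, exposure, and disabling RDP and SMB), as one added example that is not code from the original article or from the post. It is written for the PowerShell 2.0 that ships with Windows 7, so it uses the registry and netsh rather than Set-SmbServerConfiguration or New-NetFirewallRule, which only exist from Windows 8 / Server 2012 onward. The registry paths and the sc.exe dependency change are the documented Windows settings for these features; the script name, the -Apply switch, the firewall rule names and the software name filter are this example's own choices. Run it from an elevated prompt; without -Apply it only reports.

```powershell
# Windows7-Stopgap.ps1 -- added example, not from the original article or post.
# Audits a Windows 7 host that cannot be upgraded yet and, with -Apply, disables
# RDP and SMBv1 and blocks both at the host firewall. PowerShell 2.0 compatible.
param([switch]$Apply)

$rdpKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$smbKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

# Returns a registry value, or $null when the value does not exist.
function Get-RegValue($path, $name) {
    $item = Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue
    if ($item) { $item.$name } else { $null }
}

# 1. Inventory: OS build and most recent hotfix, for the device audit.
$os = Get-WmiObject Win32_OperatingSystem
$lastFix = Get-HotFix | Where-Object { $_.InstalledOn } |
    Sort-Object InstalledOn -Descending | Select-Object -First 1
"$($env:COMPUTERNAME): $($os.Caption) build $($os.Version); last hotfix $($lastFix.HotFixID) on $($lastFix.InstalledOn)"

# 2. Third-party software that still receives updates: list installed versions
#    so they can be compared against the vendors' current releases.
$uninstall = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
Get-ItemProperty -Path $uninstall -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match 'Firefox|Chrome|Java|Adobe|7-Zip' } |
    Select-Object DisplayName, DisplayVersion | Sort-Object DisplayName |
    Format-Table -AutoSize

# 3. Exposure: is RDP accepting connections, is the SMBv1 server still on?
$rdpDenied = Get-RegValue $rdpKey 'fDenyTSConnections'   # 1 = RDP refused
$smb1      = Get-RegValue $smbKey 'SMB1'                 # missing or 1 = SMBv1 on
"RDP enabled: $($rdpDenied -ne 1); SMBv1 server enabled: $($smb1 -ne 0)"

if (-not $Apply) { "Audit only. Re-run with -Apply to harden."; return }

# 4a. Refuse RDP at the OS level, stop the listener, and block TCP/3389 inbound.
Set-ItemProperty -Path $rdpKey -Name fDenyTSConnections -Value 1 -Type DWord
Stop-Service TermService -Force -ErrorAction SilentlyContinue
Set-Service  TermService -StartupType Disabled
netsh advfirewall firewall add rule name="Block RDP inbound (W7 stopgap)" dir=in action=block protocol=TCP localport=3389 | Out-Null

# 4b. Disable the SMBv1 server (registry method for Windows 7 / 2008 R2) and the
#     SMBv1 client driver, then block inbound SMB. The client change needs a reboot.
Set-ItemProperty -Path $smbKey -Name SMB1 -Value 0 -Type DWord
sc.exe config lanmanworkstation depend= bowser/mrxsmb20/nsi | Out-Null
sc.exe config mrxsmb10 start= disabled | Out-Null
netsh advfirewall firewall add rule name="Block SMB inbound (W7 stopgap)" dir=in action=block protocol=TCP localport=139,445 | Out-Null
"Applied. Reboot to finish disabling the SMBv1 client."
```

Two caveats before pushing this fleet-wide: on a domain-joined machine these settings are usually owned by Group Policy, which will silently revert a local change, so deliver them as a GPO for the Windows 7 OU instead; and the inbound rules only stop other hosts reaching the box (SYSVOL, logon scripts and file servers are still reachable because the workstation initiates those connections over SMBv2), but if IT relies on RDP to reach these devices, add an allow rule scoped to the management subnet ahead of the block rule, and test on one device behind the segmentation boundary before rolling out.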
 

Lenny_Fox

My girlfriend works at a grade A Dutch organization (meaning every employee's background is checked by Dutch intelligence, so it goes further than the good-behaviour / no-criminal-record check). Guess what she has on her company laptop: WINDOWS 7, yes, SEVEN.

To the organization's credit, I could not get into her PC using some popular Windows 7 hack tricks. Her PC is also completely locked down (unable to run downloaded programs or programs from USB). They start their Windows 7 to 10 migration in June (before 1 September all 1000 employees should be on Windows 10).

It is not the type of organization that wants to be vulnerable to unpatched bugs, so is Microsoft still (secretly) pushing Windows 7 security updates to paying clients?
 

Gandalf_The_Grey

My girlfriend works at a grade A Dutch organization (meaning every employee's background is checked by Dutch intelligence, so it goes further than the good-behaviour / no-criminal-record check). Guess what she has on her company laptop: WINDOWS 7, yes, SEVEN.
I also have Windows 7 (without any updates for months) on my work laptop :rolleyes:
Rollout of Windows 10 was stopped for my department because of some software not working with Windows 10.
Now the software works on Windows 10, but the rollout has never been resumed.
 

Lenny_Fox

I also have Windows 7 (without any updates for months) on my work laptop :rolleyes:
Rollout of Windows 10 was stopped for my department because of some software not working with Windows 10.
Now the software works on Windows 10, but the rollout has never been resumed.
Could you send an email to your IT department, asking whether they don't get nervous about the unpatched security bugs? Would be interesting to know their reaction.
 
