On January 14, Microsoft has officially killed the lights on Windows 7, a beloved classic amongst Windows releases – only overshadowed by Windows 10 in 2018, when the latter became the most popular desktop operating system in the world – 9 years after the release of 7. Currently, over 440 million devices still run Windows 7 – this has pushed Microsoft to pursue an aggressive campaign focused on pop-ups that warn the users about the threats looming over the unsupported OS, pushing them to update to the latest iteration of Windows.
For some, whether Windows 10 is an actual improvement for many “lightweight” users of Windows 7 can be a matter of personal opinion – but for businesses and governments that rely on the older OS for their daily operations, this becomes much more serious. The cost of upgrading hundreds of thousands of machines maybe be a bitter pill to swallow, not to mention a risk of disrupting operations of critical infrastructure that still might run the Windows 7 – this has lowered the adoption rate below what was expected.
In Germany, the Federal Ministry still has over 30,000 machines running Windows 7. Microsoft still offers critical security updates to those willing to pay up, and the bill that German government is picking up is hefty – almost $900,000 for an additional year of staying updated, and the bill grows with each year. Health Service Executive, a public healthcare services provider in Ireland, faces a charge of over €1.1m for the same service.
Government bodies and healthcare providers are a crucial component of society that simply cannot afford to take any chances, keeping the lights on is vital for millions of people using their services. If a business decides to forgo staying updated and relying on their current levels of security, it’s also possible – but the risks associated with that can do way more damage than ever. Windows 7, along with a few older Windows releases, was a target of many high-profile exploits last year, and this trend is not going away in 2020 or anytime soon – the fact that lack of security updates renders many machines vulnerable, hackers will not hesitate to exploit any vulnerability in many devices – not only PCs, but also medical, financial, and infrastructural systems.
An argument could be made that end-of-life doesn’t necessarily mean that Windows 7 will never get any security patches and fixes in the future – Microsoft has already released one just days after January 14. As awareness of vulnerabilities targeting older operating systems (like BlueKeep and WannaCry) prompted a much-needed discussion about cybersecurity in 2019, Microsoft is still committed to making sure that Windows users are as protected from it as possible. The question remains – how long will Microsoft be willing to protect the deprecated OS, and how long will companies be able to pay up before tackling the risks that come with massive, operation-wide upgrades to Windows 10?
It’s important to remember that in 2020, the year of IoT, the question of whether your OS is safe enough to be used in critical infrastructure is also the wrong question to ask. Sure, it’s always the best option to stay updated, but in the always-connected world, we need to take extra steps to ensure our networks are safe from the outside risks – Windows 10 is not perfect and there is always a way in, whether through a malicious attack or human error. Read our cyber-predictions for 2020 to learn more about how to prepare a smart cybersecurity strategy for your business and enhance your security beyond routine system updates.