skout-blog

Cybersecurity Threat Advisory 005-20: Windows 7 End of Life

Advisory Overview

Windows 7 has reached end of life on January 14th, 2020. Users who fail to upgrade leave themselves vulnerable to newly discovered malware and remote code execution attacks as Microsoft will no longer provide security fixes for these issues. Windows 7 users should update their devices to Windows 10 as soon as possible.

Technical detail and additional information

What is the threat?

Windows 7 has reached end of life on January 14th, 2020. Statistics show that out of Windows current market share of 77% more than 26% of users are Windows 7 users. This percentage equates to about one billion users who are still on Windows 7. Microsoft will now no longer provide users with software and security updates as well as fixes. On January 15th, users should notice that Microsoft will display notifications on Windows 7 devices to remind users that their operating system is no longer supported, and they should update their devices immediately. Please note that the following users who have Windows 7 Professional and have enrolled in the Extended Security Update (ESU) program, use domain joined machines or machines in kiosk mode they will not be shown this reminded.

Why is this noteworthy?

Windows 7 is an operating system that is being used by many people whether it be for personal or work use now that the operating system has reached end of life users should consider upgrading to Windows 10 promptly. As stated, before about one billion users are still on Windows 7 these users leave themselves vulnerable to various newly found exploits as the operating system will no longer be updated.

What is the exposure or risk?

Users who fail to upgrade leave themselves open to be vulnerable to various exploits such as newly discovered malware and remote code execution attacks as Microsoft will no longer provide security fixes for these issues. These types of attacks can be detrimental to an organization and must not be taken lightly.

What are the recommendations?

Windows 7 users should update their devices to Windows 10 as soon as possible. Please note that customers that require additional time to move on to Windows 10 will have the option for the Extended Security Update program, however; this support is only available for a select few products (Windows 7 Professional, Windows 7 Enterprise, and Windows 7 Ultimate) and should be considered a last resort. The ESU program provides security updates for 3 years after the End of Life Date which for Windows 7 is January 14, 2020. Also please be aware that if ESU is purchased a year after the end of life date they will have to pay for the preceding years as well.

References:

For more in-depth information about the recommendations, please visit the following links:

If you have any questions, please contact our Security Operations Center.