Microsoft End of Lifecycle

Microsoft End of Lifecycle

Windows 7 OS will be reaching its end of life cycle on January 14th, 2020. This means the software will no longer be supported unless you enroll in Microsoft’s Extended Security Update (ESU) program.

Product End of Support Date
SQL Server 2008 and 2008 R2 July 9, 2019
Windows Server 2008 and 2008 R2

January 14, 2020
Exchange Server 2010
Windows 7
Windows 7 Professional for Embedded Systems*
Office 2010 client

October 13, 2020
SharePoint Server 2010
Project Server 2010
Windows Embedded Standard 7*

Why update if I already pay for antivirus?

Antivirus and Security patching are different types of threat prevention. Microsoft, through security patches, fixes exploits in the OS where threats will make their way through undetected. Security patches fix vulnerabilities in the OS itself.

When an OS reaches its EOL, further updates will not be supported. This means that any security exploits will remain open to those that know of their existence. Operating systems are very complex, bugs and exploits will almost always exist. To counter this, patches are rolled out constantly to protect users from people abusing these exploits. When a product reaches EOL though, the patches no longer are there to protect users when new exploits are discovered. This then leads to increased time investment from hackers into finding exploits, as they know they will not be patched out.

An antivirus is a software. At a certain point, software developers will stop supporting EOL operating systems. This means that eventually your antivirus will fall out of date as well and be open to attacks more easily.

Information protection:

  • PCI
  • General Information management

Organizations that handle credit cards or other personal information will be subject to PCI compliance. This is the Payment Card Industry Data Security Standard. If an Operating System is no longer supported and security patches are no longer being released, PCI compliance will not be accomplished.

For organizations concerned with HIPPA violations, upgrading and keeping your OS up to date should be of paramount importance. A security breach would result in preventable legal issues and constituent information loss/leakage

The loss of other private information is also an issue. This would mean personal passwords, emails, banking information, etc. Anything stored on the computer, or even inputted into the computer would be liable to be seized for malicious intent.