With just under four months until Microsoft stops issuing free patches for Windows 7, millions of PCs are still relying on it, leaving them exposed to new bugs that will probably never be patched. Microsoft has been nagging Windows 7 users to upgrade to Windows 10 for years now, yet a huge number of consumers and smaller businesses have either resisted those calls or missed them.
Those systems will be easy targets for hackers after January 14, 2020 when Microsoft stops providing free security updates for Windows 7. According to Russian security firm Kaspersky, some 47% of small to medium-sized businesses are still running Windows 7, while 38% of consumers and 38% of small office/home office PCs are on Windows 7.
Windows 7 was the version of Windows most widely affected by WannaCry, which locked up around 300,000 PCs in May 2017. Without patches Windows 7 will in the future be vulnerable to bugs like the recently disclosed ‘wormable’ BlueKeep bug and several more that Microsoft patched in August.
In the case of BlueKeep, Microsoft did offer patches for Windows XP even though it’s not supported to head off the chance of another WannaCry outbreak.
And it’s not just smaller organizations with huge numbers of PCs still on Windows 7. The UK’s National Health Service, which was hit hard by WannaCry, admitted in July that it had one million PCs running on Windows 7.
Large enterprises can of course apply for extended support contracts after January 2020, but these will cost at least $25 per device per year.
“The widespread use of Windows 7 is concerning as there is less than six months to go until this version becomes unsupported,” said Alexey Pankratov, enterprise solutions manager at Kaspersky.
“The reasons behind the lag in updating an OS vary depending on the software in place, which may be unable to run on the newest OS versions, to economic reasons, and even down to comfortability of routinely using the same OS.
“Nonetheless, an old unpatched OS is a cybersecurity risk and the cost of an incident may be substantially higher than the cost of upgrading. This is why we recommend that customers migrate to supported versions and ensure that additional security tools are in place during the transition period.”
With the Windows 7 deadline looming, Microsoft this month launched a program to help smaller companies move to Windows 10. As Computerworld reported, the ‘FastTrack Center Benefit for Windows 10‘ is available for organizations that purchase at least 150 licenses for Office 365 ProPlus or Microsoft 365.
For enterprise and education customers on select agreements, Microsoft is also offering Windows 7 security updates at no extra charge for one year under a special promotion that ends on December 31, 2019.
The Windows 7 offer is available to customers with an Enterprise Agreement (EA) or Enterprise Agreement Subscription (EAS) with active subscriptions to Windows 10 E5, Microsoft 365 E5, and Microsoft 365 E5 Security.