There is a relatively old—though still fundamentally true—adage about Windows: Microsoft's biggest competition is Microsoft, as a specific subset of users (and businesses) only upgrade to the latest version of Windows kicking and screaming. According to SpiceWorks' Future of Network and Endpoint Security report, published Tuesday, 32% of organizations still have at least one Windows XP device connected to their network, despite extended support for XP ending in 2014. (Notably, the last variant of XP, Windows POSReady 2009, reached end of life in April 2019.)
With the looming end of free support for Windows 7, this reticence of users and enterprises to upgrade to newer versions of Windows is likely to create significant security issues. Presently, 79% of organizations still have at least one Windows 7 system on their network, according to SpiceWorks, which also found that two thirds of businesses plan to migrate all of their machines off Windows 7 prior to the end of support on January 14, 2020, while a quarter will only migrate after that deadline.
(Score: 3, Informative) by jb on Wednesday July 31 2019, @05:45AM
Indeed. Although naturally migrating to (any) real OS would be orders of magnitude less risky than either "alternative", it seems probable that even sticking with the unsupported Windows XP would expose those organisations to less risk than "upgrading" to Windows 10.
Even if we assume that there's a very high probability (say, p=0.99) that a non-air-gapped Windows XP machine still running today will be compromised before its hardware expires of old age, that's still marginally better than the certain (p=1) knowledge that Windows 10 ships already compromised, by its own vendor (for more detail, see the terms of service for Windows 10).