Windows 7 and Server 2008 end of support: What will change on 14 January?:
It is remarkable that Windows 7 is reaching end of support on January 14 2020 while maintaining something approaching 27 per cent market share among Windows users, according to Statcounter.
This is down from 35 per cent in December 2018 but still substantial. Windows has a share among desktop users of around 77 per cent, so that is around 20 per cent of active desktop PCs.
"End of support" means no technical support, software updates or security fixes from Microsoft. Of these, the significant piece is the security fixes. Without regular patches, flaws that are discovered in the operating system will put users at greater risk from things like ransomware attacks, perhaps triggered by an email attachment or malicious web link.
Windows Server 2008 and 2008 R2 also go out of support on the same day. Although it is less likely that users will be browsing the web or clicking attachments on Server 2008, it is still risky if these servers are exposed to the internet – as appears to be the case with Travelex, currently suffering a ransomware attack – or if they are used for remote desktop services.
Another curious feature of this "end of support" is that Microsoft will still be providing security updates for both operating systems, for three further years. So the real end of support date is in 2023. That said, you can only get these "extended security updates", or ESU, in certain ways:
- Windows Virtual Desktop (WVD) users get free ESU until January, 2023
- You can purchase Windows 7 ESU by subscription from Microsoft Cloud Solution Providers, which means most IT support companies signed up as authorised Microsoft suppliers.
- Windows 7 ESU is free for a year to customers who subscribe to Windows E5 or Microsoft 365 E5. Details are here
- Only Windows 7 Professional and Enterprise are covered by ESU.
- Windows 7 embedded can be supported through an "Ecosystem Partner Offering" support contract.
- The scenario for Windows Server 2008 ESU is similar to that for Windows 7.
[...] There is a degree of artificiality about this key "end of support" date and ways to keep old stuff patched, but the security risks are real.
Related Stories
The Insurance Journal is asking if the NotPetya Windows worm was an act of war. If so, that would change any potential obligations carried by insurance policies towards claimants, in this case Merck & Co. NotPetya took over Windows computers in 2017 but was apparently originally intended to target Ukrainian Windows computers. The rest of the Windows computers may have just been collateral damage.
By the time Deb Dellapena arrived for work at Merck & Co.’s 90-acre campus north of Philadelphia, there was a handwritten sign on the door: The computers are down.
It was worse than it seemed. Some employees who were already at their desks at Merck offices across the U.S. were greeted by an even more unsettling message when they turned on their PCs. A pink font glowed with a warning: “Ooops, your important files are encrypted. … We guarantee that you can recover all your files safely and easily. All you need to do is submit the payment …” The cost was $300 in Bitcoin per computer.
The ransom demand was a ruse. It was designed to make the software locking up many of Merck’s computers—eventually dubbed NotPetya—look like the handiwork of ordinary criminals. In fact, according to Western intelligence agencies, NotPetya was the creation of the GRU, Russia’s military intelligence agency—the same one that had hacked the Democratic National Committee the previous year.
In all, the attack crippled more than 30,000 laptop and desktop [Windows] computers at the global drugmaker, as well as 7,500 servers, according to a person familiar with the matter. Sales, manufacturing, and research units were all hit. One researcher told a colleague she'd lost 15 years of work. Near Dellapena's suburban office, a manufacturing facility that supplies vaccines for the U.S. market had ground to a halt. "For two weeks, there was nothing being done," Dellapena recalls. "Merck is huge. It seemed crazy that something like this could happen."
Earlier on SN:
Windows 7 and Server 2008 End of Support: What Will Change on 14 January? (2020)
Cyber Insurance claims NotPetya was an act of war (2019)
Original Petya Master Decryption Key Released (2017)
(Score: 5, Insightful) by Anonymous Coward on Saturday January 11 2020, @05:16PM (5 children)
If you managed to avoid getting forcibly upgraded to Windows 10 then you've already shown yourself to be a computer expert and thus the majority of issues are nonstarters. The vast majority of security vulnerabilities require some degree of stupidity on the user's part that is, at the minimum, visiting an exploit hosting site - but more generally it involves running a program locally. I expect like most folks I often wonder why I even use a virus scanner when I haven't managed to get one in about 2 decades. Because I don't use my computer like an idiot - and that is the minimum requirement to be running Windows 7 today.
(Score: 2) by driverless on Sunday January 12 2020, @10:49AM
Also, given that the alternative ("among Windows users") is Windows 8 or Windows 10, what's remarkable is that it's only 27%, I would have expected it to be much higher.
(Score: 0) by Anonymous Coward on Sunday January 12 2020, @10:54AM
If you're competent you SHOULD NOT be using a real-time virus scanner on your systems. Because AV vendors are more likely to make a mistake and mess up your system.
Basically what are the ways in nowadays? Browsers and running downloaded stuff.
So:
1) Keep your browser sandboxed and up to date
2) For running downloaded stuff (which should be kinda rare), use virustotal to scan stuff and then run/test it in a suitable VM.
You'll still do better than the rest of the sheep running Windows 10.
(Score: 0) by Anonymous Coward on Sunday January 12 2020, @05:20PM (2 children)
If you managed to avoid getting forcibly upgraded to Windows 10 then you've already shown yourself to be a computer expert
Most of the ones I have come across there was some driver that was blocking it. Usually something with some USB drive or other. Last one was a wireless usb drive.
Just run the upgrade util (which still works). Pull out any hardware blocking the update. Put in new hardware to replace it. Move on. There just saved you 300 bucks and a pain in the ass 2 years from now.
(Score: 0) by Anonymous Coward on Sunday January 12 2020, @07:39PM (1 child)
If and when Microsoft chooses to start making their dev tools (visual studio in particular) Windows 10 only then I'll be headed over to Linux. Running Windows 10 is, in my opinion, just an unacceptable option. It being spyware is already close to a nonstarter, but really puts it over the edge is opaque bundled updates that are surprisingly frequently completely broken. Microsoft's always had some degree of issues with technical competence but they seemed to be getting their stuff together, at least to a relative degree, prior to Windows 10. Now it's like they're partying like it's 1999 again. Seriously feels like they just chose to fire their entire dev team and outsource everything to India on the lowest bid.
All games I play are already mostly Linux compatible, natively or through Proton. Only thing keeping me tied to Windows is Visual Studio. And that attachment has been growing weaker over time since their technical incompetence has also been hitting on the dev tools side, though to a much lesser degree. Just small things like the IDE freezing up or crashing - never used to happen.
(Score: 2) by jasassin on Tuesday January 14 2020, @01:26AM
You are close! This guy explains [youtube.com] why Windows 10 has so many bugs (he worked for MS for 15 years).
jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
(Score: 3, Insightful) by The Mighty Buzzard on Saturday January 11 2020, @06:31PM (2 children)
Not much of an issue on gaming boxes that're firewalled off at the router, which is the only thing I use Windows for anyway.
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Sunday January 12 2020, @12:26PM (1 child)
i don't want that win X stuff on my gaming rig. i am seriously considering putting steamOS on it ... soon.
tho i don't surf much on that box, maybe youtube and nvidia websites via firefox ESR, there *might* be
ways to nuke win7 users in april when borderland 3 comes to steam? not via a flaw in the game but
a flaw in some winblows7 library that the games depends on but wasn't updated?
ofc for "single-player" games that are fun, steam can start the game in off-line mode and you only need to get online for updates of the game or downloading new games.
however, for (even more) fun games that let you play with/against other humans, ... well you gotta be online and a game is not a complete OS but depends on libraries/code that
the OS provides ...
anyways, i'll wait for the "pos" secrit hack for win7 but will def. make a "disk image" before EOL. if the "pos" for win7 doesn't materialize until april, i guess it'll be borderlands 3 on steamOS :)
(Score: 2) by The Mighty Buzzard on Monday January 13 2020, @02:23AM
See, I don't play video games with random chuckleheads on the Internet anymore. I got over that a long, long time ago. I enjoy myself a whole lot more either playing LAN games with The Roomie and his spawn or playing all by my lonesome. If I want childish insults and general dickholery from noobs with vastly over-inflated senses of self importance, I can get that right here.
My rights don't end where your fear begins.
(Score: 2, Insightful) by Anonymous Coward on Saturday January 11 2020, @06:34PM
For me? The date.
(Score: 0) by Anonymous Coward on Saturday January 11 2020, @06:38PM (16 children)
The proprietary EOL fuse blows and you get the error... No Operating System Found.
(Score: 1, Interesting) by Anonymous Coward on Saturday January 11 2020, @07:40PM (15 children)
No no no,
They're more subtle than that, you'll notice the system starts running like treacle, there'll be sudden crashes for no bloody good reason....oh, sorry, more sudden crashes than normal for no bloody good reason, random disk corruptions...
The point is to punish those naughty refusenik unbelievers, torture them, force them to swallow the Win10 kool-aid by making their unsuported Win7 'experience' as painful as possible..
(Score: 2, Interesting) by Anonymous Coward on Saturday January 11 2020, @08:25PM
I actually experienced that with Windows XP Pro. Shit started happening, I moved to Linux.
(Score: 3, Insightful) by jasassin on Saturday January 11 2020, @08:38PM (13 children)
I've never had Windows 7 crash on me in all the years I've used it. I have yet to have Windows 10 crash on me either.
jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
(Score: 3, Touché) by Gaaark on Saturday January 11 2020, @08:54PM
HEY, me either!
Oh wait.
--- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(Score: 0) by Anonymous Coward on Saturday January 11 2020, @08:54PM
It's not the 14th yet.
(Score: 0) by Anonymous Coward on Saturday January 11 2020, @11:52PM
Must not be using it right. Have you tried turning it off and back on?
(Score: 2) by RS3 on Sunday January 12 2020, @12:29AM (9 children)
I've had many crashes with Win7, but I think it's a driver that's not quite compatible. Wish they'd have made one.
That said, 15-ish years ago I blamed crashes on Windows (98, XP...) and discovered bad capacitors. Changed them out and crashes stopped.
(Score: 0) by Anonymous Coward on Sunday January 12 2020, @01:04AM (8 children)
Power supply capacitors?
(Score: 0) by Anonymous Coward on Sunday January 12 2020, @02:22AM (6 children)
(Score: 3, Informative) by Grishnakh on Sunday January 12 2020, @03:02AM (4 children)
The capacitor plague affected a lot of things, but in computers the big problem wasn't in the power supply, but on the motherboard itself. (Pedant note: these motherboard capacitors were involved in "supplying power", but the "power supply" in a desktop PC is a separate box inside the main unit.) The way I remember it, it was almost always motherboard caps that were failing for some reason. And it was easy to tell, too, because seeing the caps on a motherboard in an ATX case is relatively easy: just open the side panel and there it is, so you can see quickly which caps are bulging. Looking inside the power supply is much more difficult, as you'd have to open the ATX case, disconnect and remove the power supply, then ignore the "warning!!" labels and get a screwdriver and take it apart. Anyway, a bunch of small businesses popped up at the time to replace all the caps on peoples' motherboards to fix this problem, though of course an incalculable number of motherboards and whole computers were simply trashed because most people didn't know about the plague, and these crappy Chinese capacitors usually lasted long enough to make it through the warranty period, but not much past that.
(Score: 2) by RS3 on Sunday January 12 2020, @05:06AM (2 children)
Yes, awesome post. I replied before reading yours.
I think I've seen more power supply (the metal box) caps go bad than motherboard. But yes, many otherwise good PCs were trashed, and I'm pretty sure it was Dell who ended up replacing tons of PCs due to the caps, but it plagued all manufacturers. I think Asus and likely a few others were more careful to use good caps, but I'm sure they all got hit with defective caps with faked good-brand labels.
I still need to buy / build an ESR (capacitor) tester. I've found and replaced many bad caps that had no outward signs. Just loaded the PS and looked at the voltage with a 'scope.
And it's not just computers- I've fixed tons of TVs and monitors with bad caps. And all kinds of wall-warts, line-lumps, etc.
To be fair, even good caps used in switching supplies have a fairly limited lifetime spec. Personally I'm not thrilled with it. IIRC there was a story here on SN about someone who figured out how to make switching supply caps last much longer by using non-electrolytic caps along with electrolytics.
(Score: 2) by Grishnakh on Sunday January 12 2020, @10:43PM
>To be fair, even good caps used in switching supplies have a fairly limited lifetime spec. Personally I'm not thrilled with it. IIRC there was a story here on SN about someone who figured out how to make switching supply caps last much longer by using non-electrolytic caps along with electrolytics.
Electrolytics are really pretty awful capacitors in many ways; the problem is that we don't have anything better that doesn't cost a small fortune (which is tantalum caps, which also are made of conflict materials). If you read the specs for them, they have a lifetime rating in hours, usually only a few thousand. If you think about it, that's not much time for something that gets used a lot, or worse is on 24/7. Of course, that rating is generally worst-case, so if you run it at non-worst-case conditions then its lifetime goes up, but still: ceramic capacitors don't have this limitation.
High-end equipment will frequently be made with tantalum caps, which are a little smaller, and last longer, though they're not nearly as tolerant of overvoltage as electrolytics (they tend to explode if pushed past their ratings). And MLCC (multi-layer ceramic) is always getting better, so that's been taking over for electrolytics in some applications. Traditionally, ceramics had very low capacitance ratings, so were used for decoupling/noise, whereas electrolytics had far higher capacitance values, so could be used for power supplies, but MLCCs have been pushing values much higher. So, for instance, in the "old days" ceramics might have values in the pico and nanofarads only, and you'd use electrolytics for things from 1uF and up. But now, you'd only use ceramics for 0.1uF (100nF), but they also come in 1uF and 10uF commonly, with the latter being firmly in the electrolytic range a couple decades ago. So there's really less and less need for electrolytics these days; only for the really huge values (like over 1000uF).
As for your story, I don't think I ever saw it, and IINAPSE (I'm not a power supply engineer), but if I had to guess on a quick way to improve PS performance and reliability, it'd be to use MLCC caps in parallel with large electrolytics, with a couple different values (perhaps 0.1uF and 10uF) of the MLCC, so that fast transients are passed by the ceramics and not the electrolytics. But again while I might sound like I know what I'm talking about here, I really don't; I'm an EE but I've been working mostly in software most of my career.
(Score: 2) by Grishnakh on Sunday January 12 2020, @10:47PM
>And all kinds of wall-warts, line-lumps, etc.
Personally, I wouldn't even bother fixing these any more, unless it's already a switching PS and you can get the replacement caps cheaply and easily. If it's something older, I'd rather replace it with a newer switching adapter. Those old wall-warts with the iron-core transformers had absolutely terrible efficiency, and wasted a lot of power even when not in use, just being plugged in. They were even called "energy vampires" because they accounted for a surprisingly significant portion of the load on the grid, for such small devices. The new ones are much, much better, and use almost negligible power at no-load conditions.
(Score: 0) by Anonymous Coward on Sunday January 12 2020, @05:24PM
Yes, there are power supply caps on the MB near the power supply plug. I've also seen surface mount resistors burn out in that area.
(Score: 2) by jasassin on Monday January 13 2020, @09:42PM
I had a bad capacitor in my power supply. It started out that pressing the power button on my computer would turn the o-light on the front orange and it would immediately power off instead of sleep. I changed the sleep mode in my BIOS from R6 to the lower one. That worked and the computer would sleep, but then eventually the computer wouldn't power on anymore. I took apart my power supply and I could see a capacitor bulging on the top. I got five of them from eBay for $1.88 free shipping (china) and replaced it, and it solved the problem! Got my BIOS power set back to R6 and pressing the button makes it sleep like normal (flashing blue light).
My monitor (Scepter) also died on me about a month ago. I took it apart and saw (guess what?) two capacitors bulging on the top. Got eight of those from ebay for $5.00 and replaced the two bulging ones. It worked! This soldering iron has paid for itself! If you have facebook you can see the pics on facebook.com/jasassin (please no snide facebook comments, you don't use facebook and you hate it... good for you! I don't want to hear about it).
jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
(Score: 2) by RS3 on Sunday January 12 2020, @04:50AM
Technically yes, on the motherboard- ones involved in the Vcore supply voltages. The first attempt made it worse because I naively bought a batch of bogus no-name caps. When I bought and installed good name-brand ones, it became rock-solid and still is.
It's one of my dual-boot machines and interestingly it was totally stable running Linux (Slackware 12.1 or so), but Windows was flaky, would crash. I can't figure out how an OS could cause the instability. If hardware has a problem, how does one OS run fine?