Organizations still running Windows 7 are now officially living on borrowed time. As of Jan. 14, Microsoft has cut off extended support for the aging operating system.

Though Windows 7 computers will continue to run and function as always, they’ll be more vulnerable to security flaws.

That’s because the end of extended support means no more Windows 7 bug fixes, security updates, or other patches from Microsoft. But organizations still stuck with the OS do have a few options, according to Kollective.

SEE: What to do if you’re still running Windows 7 (free PDF) (TechRepublic)

First, if your company hasn’t yet weaned off Windows 7, know that you’re not alone. In a survey of 100 IT professionals in the US and UK conducted by Kollective in December 2019, 53% admitted that they’ve yet to complete their Windows 10 migrations.

Taking inventory is a challenge for some as 8% of the respondents said they’re not sure if their businesses still had PCs running Windows 7.

Even after the inventory and planning stage is complete, deploying a brand new OS and its updates can be difficult. Among the respondents, 34% of large businesses said they struggle to distribute content, files, and updates across their networks.

Among organizations with more than 100,000 endpoints, that percentage rises to 45%.

Companies that haven’t started a migration or are in the middle of one are all at risk as long as they still have network-connected Windows 7 computers.

With hackers and cybercriminals now eyeing Windows 7 as a juicy target, all is takes is one attack or flaw to compromise a machine and an entire network.

“It took many businesses up to three years to move from XP to Windows 7 and we can expect a similar timeline for the move to Windows 10,” Jon O’Connor, solution architect at Kollective, said in a press release.

“While a lot of companies have migrated the majority of their systems away from Windows 7, being ‘almost there’ isn’t good enough. It only takes a handful of unsecured devices to launch a full-scale cyberattack, so having even one or two Windows 7 PCs on your network could pose a serious risk,” O’Connor said.

“IT teams need to know for certain that every single device on their networks is off of Windows 7 — but the reality is that most simply don’t know.”

SEE: Choosing your Windows 7 exit strategy: Four options (TechRepublic Premium)

For organizations still running Windows 7, Kollective offers three possible options:

  • Remain on Windows 7. Obviously, this is the worst option as ignoring the problem leaves organizations vulnerable to various security threats. After Windows XP support ended in 2014, companies that didn’t migrate faced certain threats, including the WannaCry ransomware virus. Microsoft initially held off on a patch for XP until eventually releasing one to stop the spread of WannaCry. Staying on Windows 7 may seem like the path of least resistance, but it will cause more headaches in the long run, according to Kollective.
  • Pay Microsoft for extended support. For businesses that have yet to migrate off Windows 7, Microsoft offers Extended Security Updates (ESUs). Available for Windows 7 until January 2023, ESUs provide Critical and Important security updates on an individual basis to carry organizations as they migrate to a new OS. But ESUs are expensive and could rise in price each year. When Microsoft ended support for Windows XP, the cost of the ESUs for an organization with 10,000+ machines was just under $2 million a year, Kollective said.
  • Finish your migration now. Obviously, the best option is to complete your migration away from Windows 7 ASAP. Of course, this can be easier said that done for organizations with outdated infrastructure and slow network speeds. What does Kollective recommend? Well, Kollective is in the business of a Software-Defined Enterprise Content Delivery Network (SD ECDN), so naturally its advice is to use such a service to distribute updates across large corporate networks. However, there are other content delivery services you can evaluate if you wish to explore this approach. Such services as Amazon CloudFront, Google Cloud CDN, and Microsoft Azure CDN can distribute software and other content to organizations.

“While our best suggestion is to allow updates to roll out automatically, many businesses simply do not have the network infrastructure needed to achieve this,” O’Connor said.

“Instead, companies should be investigating solutions that quickly and effectively migrate their systems with minimum disruption to the wider business. Our recommendation is the installation of an enterprise content delivery network (ECDN) to help distribute the Windows 10 update immediately and at scale to those last remaining PCs.”


Bill Detwiler/TechRepublic