OpenSecurity.global
Kevin Beaumont

Windows 7 and Server 2008 - the next legacy issue


How are people planning to deal with this, out of interest?  They go end of extended life in January 2020.

Personally I think Microsoft will provide public patching for the 'big ticket' items after then for a few years, due to so many organisations continuing to run them.

For me I think there's a bit of a clash with what Microsoft is trying to do with Windows 10 and Server 2016 - cloud updates, major milestones each 6 months etc - versus what many corporations have on the ground still.  Will be interesting to see it play out.  For me organisations will have to risk manage things until they have great budgets - e.g. turn on Windows Firewall etc.


We are currently testing W10 builds for our VDI that uses MS TSBroker in Hyper-V on Nutanix - so 300 users will log out of W7 on a Friday and log back into W10 on a Monday

and then the sh17 will hit the spinny thing because they won't have bothered to try the training material that tells them what to expect

I will be booking the week off when I find out go live dates 🙂

I have 500 servers, two of them (one in prod, one in preprod) are 2008 - I will throw a party the day I get to turn them off and delete them


It’s funny coz we’re still wrestling with Windows XP but we are steamrollering Windows 7. So end of this year we’ll be almost through the Win10 migration, and I bet we’ll have more Windows XP or Server 2003 machines than Windows 7!


We’re doing large upgrade programs and deploying mitigations where there is stuff that can’t be upgraded. For example we have clients that have critical software where there is no version that works beyond 2003 (gulp). So they’re segregated, big patches applied and enhanced endpoint controls deployed; 2008 will get similar treatment if they can’t move.


Another option is to take Microsoft up on the "free" security updates to Windows Server 2008 R2 when using Microsoft Azure. Microsoft still support Windows Server 2003 in Azure, so it's kinda a legacy cash cow for them... maybe hence why they don't want to solve the on premise time bomb.


Windows 7 hasn't been so bad. Skipping 8 (typical every-other desktop OS cycle...) and going right to 10 hasn't been a huge change in user experience. But as Kevin mentioned, looking under the hood of Windows 10 should make any admin/secadmin catch their breath. If MS ever decides to make web/internet connectivity mandatory for lots of management or application installs, our world will shift again as IT teams lose fine-grained control.

Windows 2008 was a good OS in my books. For admins who grew up with 2000/2003, it wasn't as jarring a change as when you go to 2012 and 2016 (WTF is the logout button? WTF is computer management?). For us, we have plenty of 2008 boxes around, and the admin teams like to in-place upgrade them which, as a long-time sysadmin, makes me grind my teeth.

I think overall 2008 is going to be a longer change than any Windows server OS in the past. 2003 died "kinda" quick as holes appeared later on and things like PCI DSS rose up and started forcing a little introspection into the process of having old, unpatched systems here and there.

