Microsoft Announces End to Security Patches for Windows 7 PCs with Older Processors

For some Windows 7 PCs, the game is up. Although Microsoft officially will support security updates for machines running Windows 7 until Jan. 14, 2020, it has become clear that the company will not do so for all such devices — which could leave many in the public sector still working on legacy devices vulnerable.

In an updated support article on its website that was first widely noticed in late June, Microsoft indicated that, for older Windows 7-based PCs that do not support Streaming Single Instructions Multiple Data Extensions 2 (SSE2), it would no longer provide security patches. SSE2 allows computer chipsets to process multimedia in parallel, which improves performance. In 2012, the feature became mandatory for processors running Windows.

Users of such PCs, which run on now-archaic Intel processors (circa early to mid-2000s), have been experiencing a stop error. Previously, as ZDNet reports, Microsoft said it was working on a fix for the issue. Now, it is advising users affected to either “upgrade your machines with a processor that supports SSE2 or virtualize those machines.”

It’s unclear how many organizations or machines are affected by this change in stance, which, as ZDNet notes, is allowed under Microsoft’s Business, Developer and Desktop Operating Systems Policy. “Older products may not meet today’s more demanding security requirements,” the policy reads. “Microsoft may be unable to provide security updates for older products.”

However, the change does provide fresh incentive for organizations of all kinds to update their PCs, virtualize them, or migrate from Windows 7 to Windows 10. Updating or virtualizing PCs can enhance an organization’s cybersecurity posture, especially by ensuring that the PCs continue to receive regular security patches.

Small and medium-sized businesses are more likely to have already done so, according to analysts, but government agencies may be more susceptible. Traditionally, according to Linn Huang, a research director at IDC, who covers PCs, thin clients and monitors, the public sector “is the last to move” to a new operating system. Luckily, IDC has “seen healthy migration efforts from government and education in play already,” meaning the sector many not be as heavily impacted.

SIGN UP: Get more news from the StateTech newsletter in your inbox every two weeks!

Why Some Agencies Wait to Upgrade to Windows 10

Three years after the debut of Windows 10, Windows 7 still has more market share than the newer platform. According to data from analytics vendor Net Applications, cited by Computerworld, in May Windows 7 accounted for 41.8 percent of the user share of all PCs and 47.3 percent of all those running Windows. Windows 10 accounted for 34.7 percent of all PCs and 39.3 percent of all Windows-based PCs. (Microsoft announced in May that nearly 700 million devices now run Windows 10, up from about 500 million in May 2017.)

“Broadly speaking, Microsoft has always been challenged in moving the enterprise markets off of older Windows iterations to new ones for a few reasons,” says Huang.

Corporate IT departments generally value stability more than new features from the latest version of operating systems, Huang says. He adds that OS migrations “can also get fairly costly for larger companies.”

The effective end-of-support date for Windows 7 in January 2020 is “a means for Microsoft to move the last corners of the corporate world from Windows 7 to Windows 10, and allows it to focus more of its resources on Windows 10, which to its credit has been favorably received by most organizations we’ve talked to.”

Another issue, Huang says, is Windows 7’s lack of compatibility on new chipsets, which has been causing “all sorts of driver issues” on PCs. Windows 7 was already proving problematic with Intel’s sixth-generation Skylake processors, according to Huang, but PC makers built bridges to ensure their key devices for the enterprise market would be compatible with Windows 7. “This has not been the case for the subsequent two generations, so a new PC powered by Intel’s latest processors would likely have to remain Windows 10 when deployed,” he says.

A commercial survey IDC fielded in February found that larger enterprises were 49 percent through their migrations to Windows 10, and 97 percent expected to be complete within the next two years, which will put their migration completions right around the time Microsoft will stop supporting Windows 7.

In another commercial survey completed last week, according to Huang, IDC asked, “On a scale of 1 (not concerned at all) to 10 (extremely concerned), how concerning is the [end-of-life] date of Windows 7?”

The average for large enterprises was 6.5, which Huang describes as a moderate level of concern; 41 percent rated their concern levels an 8 or higher, and 14 percent rated their concerns a 3 or lower.

Security Concerns Drive Windows Upgrades

In short, Huang says, “there is still a significant chunk of the enterprise installed base on Windows 7, and there is legitimate concern on behalf of IT managers to get this done ahead of” the January 2020 deadline. However, it appears most enterprises plan to complete the migration in time.

“I believe the corporate migration to Windows 10 has occurred faster than previous iterations,” in part due to how well Windows 10 has been received by the commercial world, Huang notes.

Importantly, the enhanced security features of Windows 10 and the need for continuous security updates likely are major drivers in the upgrades, Huang says.

“A focus on security and on manageability, in a world where CEOs lose their jobs over breaches and the IT environment accelerates in its complexity, has and will continue to prove a winning formula for Microsoft and its users,” Huang says.

“The primary challenge has been that most organizations only moved from XP to 7 as late as five years ago and were not planning and budgeting to move to the next iteration for another decade.”