In a few days Windows 7 security support finally comes to an end. For an operating system launched in 2009, that’s really not bad going.
It was much liked as an OS: faster, lighter and less flaky than its predecessor Vista and much preferred to the Windows 8 releases that supposedly superseded! Business liked it as it seemed to just work (usually) without too much hassle and many have been clinging onto it in the hope that a good pinch of denial would carry them through… However, the time has come to admit it and realise that Windows 7 is no more. The remaining hangers-on must now let go of the reins and wistfully watch as Windows 7 saunters off to XP’s green pasture, living on only in memory.
So, what now? Microsoft wants them all to go to Windows 10. There are two possible reasons for not having done this yet: the first is simple inertia and the second is the (more troubling) dislike or fear of Windows 10. The first group will slowly get around to upgrading but who knows what the second group will do? Perhaps go back to pen and paper or leave the country / planet in the hope of never encountering anything computer shaped again?
Joking aside, the end of security updates means that the Windows 7 installations still out there are going to become steadily more and more vulnerable. A lot of people will not understand this though; they will think that the warnings do not apply to them as the free antivirus software that they installed will save them. This mentality tends to be robustly in denial about such things as computer security because they know that anybody wanting to charge them money is trying to rip them off.
I have read articles declaring that the GDPR hammer will fall upon the heads of those still running Windows 7 as GDPR states that software must be patched. This is not really true as GDPR tends to be deliberately vague about this sort of thing, realising perhaps that technology moves on quickly so there is no point in getting too specific as whatever detail is included will be out of date almost immediately. The ICO guidance, which tends to be a little more useful when it comes to practical advice, states that “examples of security measures you could take include actively managing software vulnerabilities, including using in-support software and the application of software update policies (patching), and taking other mitigating steps, where patches can’t be applied”. i.e. You can put other measures in place if there are no patches, assuming that these measures are up to the job…
Of course, the reality is that the remaining Windows 7 uses are unlikely to do anything by way of increasing security so I guess that they will get to find out first hand what it is like to be on the receiving end of modern malware.