BNMC Blog

By accepting you will be accessing a service provided by a third-party external to https://www.bnmc.net/

Unpatched Windows is Like Leaving Your Car Door Open in a Sketchy Parking Garage at Night with Wads of Cash in the Driver’s Seat

Unpatched Windows is Like Leaving Your Car Door Open in a Sketchy Parking Garage at Night with Wads of Cash in the Driver’s Seat

I recently read a statement from the National Security Agency (NSA) expressing concerns over the risks and vulnerabilities that come with running unpatched versions of older Windows operating systems. First, you know it’s serious if the NSA, an entity in the US who depends on the collection and processing of information, is worried that your personal information is at risk. Second, it’s another in a long line of reasons to not allow your network to fall into such disarray that you can no longer protect it.

Why Are Windows Updates So Important?

Microsoft Windows is complex software. It needs to be. In order to do everything, we need it to do every day, and work with everything we need it to work with, it contains a lot of features and capabilities baked in.

The more complex your software is, the more chances there are that someone out there could find a vulnerability. This happens all the time, and when vulnerabilities are discovered, good software developers will quickly build an update that fixes them before they are exploited.

That’s what Windows updates are. Sure, there are new features being added in many of the updates as well, but the security patches are what is truly critical.

**Please note that sometimes it isn’t a good idea to just let Windows updates run automatically. Sometimes an update can break something else (like a third-party application or internal workflow). It’s best to test updates before deploying them across your network.

Problems Get Exposed as they are Fixed

Let me give you a more old-school example. Way back in the day, you used to be able to ‘hack’ a vending machine with fake coins called slugs. To combat this, new vending machines were created that had multiple sensors to measure and analyze the coin in real time to determine if it were real. When these new machines were released, they were also might newer looking than the old school, hackable vending machines. Word got out about how easily the older machines could accept a slug and encouraged people to seek them out to get free beverages.

What can we take away from this?

  • If you owned an old vending machine, you were at risk of being hacked.
  • Older vending machines were targeted by people who knew that they were hackable, as opposed to the new vending machines that weren’t as easily exploitable.
  • Risk increased as time went on if you owned an older vending machine.
  • How often do you see vending machines that even take coins these days? I’m dating myself.

When Microsoft releases security updates, this exposes the vulnerability to the world. This includes hackers. This means everyone is on bought time once an update comes out, because hackers know that not everyone will update.

Older Operating Systems Have the Highest Risk

If you are running a version of Windows (or any software) that has reached the end of its developmental and support life, you are playing with fire.

For example, if you are still running Windows Vista (please, I hope you aren’t) then Microsoft’s mainstream support ended in April 2012. They offered extended support up until April 2017.

Mainstream support is when Microsoft is still providing features, security updates, patching bugs, and more. Extended support is when Microsoft stops adding new features and only provides bug fixes and patches, and only provided that you are on the exact version of the software or operating system that Microsoft says they are supporting.

Back to our example of running Windows Vista (my fingers crossed that this example is purely hypothetical and nobody is still using Vista), it’s pretty clear that Windows Vista was not the shining example of the perfect operating system and that by the end of life there were no flaws whatsoever for hackers to target. If you are running Vista now, you are constantly wide open for any threats that the operating system doesn’t have protections against.

Microsoft’s Upcoming Support Lifestyle End Dates

Here’s a list of the current operating system and server end-of-life dates.

Windows Operating System

Windows XP - April 8, 2014
Windows Vista - April 11, 2017
Windows 7 - January 14, 2020 (It’s coming up!)
Windows 8 - January 10, 2023
Windows 10 - Estimated for October 2025

Microsoft Server Operating Systems

Windows Server 2008 - July 12, 2011
Windows Server 2008 (SP2) - January 14, 2020 (just around the corner!)
Windows Server 2008 R2 - April 9, 2013
Windows Server 2008 R2 (SP1) - January 14, 2020 (It’s almost here!)
Windows Server 2012 - October 10, 2023
Windows Server 2012 R2 - October 10, 2023
Windows Server 2016 - January 11, 2027
Windows Server 2016 Semi-Annual Channel 1709 - Not announced yet
Windows Server 2016 Semi-Annual Channel 1803 - Not announced yet
Lync 2013 - April 11, 2023
Skype for Business 2015 - October 14, 2025

Microsoft SQL Server

SQL Server 2005 (SP4) - April 12, 2016
SQL Server 2008 (SP4) - July 9, 2019 (It’s HERE!)
SQL Server 2008 R2 - July 10, 2012
SQL Server 2008 (SP3) - July 9, 2019 (It’s HERE!)
SQL Server 2012 - January 14, 2014
SQL Server 2012 (SP3) - July 12, 2022
SQL Server 2014 - July 12, 2016
SQL Server 2014 (SP2) - July 9, 2024
SQL Server 2016 - January 9, 2018
SQL Server 2016 (SP1) - July 14, 2026
SQL Server 2017 - October 12, 2026

Exchange Server

Exchange 2007 - January 13, 2009
Exchange 2007 (SP3) - April 11, 2017
Exchange 2010 - October 11, 2010
Exchange 2010 (SP3) - January 14, 2020 (Get ready!)
Exchange 2013 - April 11, 2023
Exchange 2013 (SP1) - April 11, 2023
Exchange 2016 - October 14, 2025

SharePoint

SharePoint 2010 - July 10, 2012
SharePoint 2010 (SP2) - October 13, 2020 (Just over a year away!)
SharePoint 2013 - April 14, 2015
SharePoint 2013 (SP1) - April 11, 2023
SharePoint 2016 - July 14, 2026

If you are running outdated software, you are putting yourself, your business, your employees, and your clients at risk. Want help planning your next upgrade? Reach out to BNMC at 978-482-2020 to get an idea of what it will take.

 

Comments 1

Tim Meyers on Friday, 13 December 2019 03:12

Just don't leave your car door or window open. It is reckless! Drivers can have many car problems and they shouldn't complicate things by letting doors open. For example, a car can damage while you are on the road. When one needs commercial vehicle roadside assistance, he should call a professional company that offers prompt services.

Just don't leave your car door or window open. It is reckless! Drivers can have many car problems and they shouldn't complicate things by letting doors open. For example, a car can damage while you are on the road. When one needs [url=https://www.ttsroadservice.com/]commercial vehicle roadside assistance[/url], he should call a professional company that offers prompt services.
Already Registered? Login Here
Guest
Wednesday, June 03 2020

Captcha Image

Subscribe to Our Blog!

Mobile? Grab this Article!

Qr Code

Tag Cloud

Tip of the Week Security Best Practices Technology Productivity Business Computing User Tips Privacy Cloud Email Network Security Microsoft Hosted Solutions Software Hackers Computer Business Malware Efficiency Communication Data Google Small Business Workplace Tips IT Services Mobile Devices IT Support Hardware Cloud Computing Tech Term Managed IT Services Internet Data Recovery Innovation Backup Ransomware Smartphone Outsourced IT Users Windows Smartphones Android Mobile Device Upgrade Saving Money Data Backup Miscellaneous Microsoft Office communications Business Management Business Continuity Windows 10 Disaster Recovery Browser Information VoIP Facebook Server Phishing Social Media Network Productivity Cybersecurity Office 365 Managed IT Services Windows 10 Passwords Internet of Things Data Management App Gmail Word Vulnerability Remote Monitoring Gadgets Infrastructure Managed Service Artificial Intelligence Encryption Chrome Apps Quick Tips Mobile Office BYOD Analytics Company Culture Website Tip of the week Remote Workers Save Money IT Support Money Settings Employer-Employee Relationship Networking Managed Service Provider Virtual Reality VPN Information Technology Access Control Applications Router Risk Management Education Apple Unified Threat Management Storage Office Tips Employee-Employer Relationship Display Maintenance Collaboration Firewall Hacker Data storage Avoiding Downtime Antivirus Development Big Data Robot Automation WiFi HIPAA BDR Paperless Office IT Management Data Security Google Drive Government Bandwidth Content Filtering Virtual Private Network YouTube Computers Tablet Data loss Retail Alert Conferencing Telephone Systems desktop Managed Services Printing Password MSP Augmented Reality Two-factor Authentication Managing Stress Laptop The Internet of Things Managed IT Service Vendor Management OneNote Monitors Document Management Data Breach Customer Relationship Management Scam Chromebook Windows 7 IT Outlook Solid State Drive Software as a Service Break Fix Social Network Spam Computing Wireless Downtime Search Marketing End of Support Bring Your Own Device Operating System Social Training LiFi Humor Hard Disk Drive Hosted Solution Mobile Security Remote Computing Administration Best Practice Server Management Business Technology SaaS Mouse Business Intelligence iOS Wi-Fi Touchscreen Managed IT Holiday Going Green Virtualization Human Error Memory Statistics Hacks Modem FinTech Analysis Students Scary Stories How To Lenovo Dark Data Update Inventory Staff Leominster Bitcoin Regulations Scalability Running Cable Mail Merge Blockchain Asset Management Google Wallet Language Value Virus Downloads Mirgation Recycling Utility Computing Shortcut Distributed Denial of Service Politics IoT Digital Payment Updates Buisness VoIP Unified Threat Management Peripheral Business Growth Device Reducing Cost Virtual Desktop Bluetooth Comparison Work/Life Balance Cookies Digital Mixed Reality Sports Firefox Superfish Customer Service Shadow IT Legal K-12 Schools Disaster Office Samsung Windows 8 Social Networking Migration Consulting Address Permissions Health Private Cloud Memes Unified Communications Drones Computing Infrastructure Professional Services LED Threats Chatbots eWaste Laptops Patch Management Tech Support Star Wars PowerPoint User Error Mobility Batteries Specifications Mobile Device Management Nanotechnology Spyware Gamification Deep Learning Wearable Technology Network upgrade Uninterrupted Power Supply Heating/Cooling Multi-Factor Security Social Engineering Motherboard Cables Computer Care IBM Alerts USB File Sharing Co-Managed IT Alt Codes Identity Continuity Managed Services Provider Cybercrime Websites Fraud Cost Management Onboarding GDPR Time Management Printer Print Toner Myths Black Friday Screen Reader Charging Identity Theft Slack Hard Disk Drives COVID-19 Smart Office Huawei Servers Google Calendar Safety Wires Corporate Profile Messaging Emergency Holidays Budget Licensing Dongle Content Typing Solar G Suite Entertainment Vendor Dark Web Distribution Assessment Automobile Digital Signage Data Warehouse Network Management Dell Shortcuts Mobile Management Cyber Monday Current Events Smart Tech Monitoring Solid State Drives Network Congestion Remote Work Work Streaming Processor Legislation Voice over Internet Protocol WannaCry Employee-Employer Relationships Halloween Payment Card Cooperation Service Level Agreement Cabling Cryptocurrency Compliance Hybrid Cloud Microsoft Excel Logistics Hotspot Internet Exlporer Google Maps Troubleshooting Business Analysis SharePoint Writing Optimization Security Cameras Profiles Smart Technology IT solutions Connectivity Spying National Security Techology Google Docs IT Technicians GPS IT Consultant Computer Repair Relocation Printers Cameras Mobile Data How To Tracking Recovery Meetings Cleaning CCTV Black Market Law Enforcement Webcam Notifications Electronic Medical Records Financial Physical Security Error Twitter Ben McDonald shares Upgrades Gadget Mobile Computing Emoji Point of Sale Crowdsourcing Travel Personal Information Botnet 3D Printing Regulation Supercomputer CrashOverride Cortana Staffing Motion Sickness Processors Taxes Machine Learning Administrator Web Server what was your? Unsupported Software IT Budget

What Our Clients Say

  • BNMC has provided us with nothing less than outstanding service and results for all of our IT needs for the past few years. Every member of their staff is professional, knowledgeable, friendly and eager to solve any problem...
  • 1
  • 2
  • 3