Windows 7 End of Life: Upgrade Now

It’s the end of the road for Windows 7. Effective January 14, 2020, Microsoft will no longer support the 11-year-old Windows 7. That does not mean users can no longer run the operating system; Microsoft will simply stop providing updates and security patches, such as the fix for a critical vulnerability disclosed earlier this week.

These changes will affect hundreds of millions of people because more than one-third of PCs use Windows 7, according to NetMarketShare. This number represents only slightly fewer than Windows 10, which is the most popular PC operating system, found on roughly half of the world’s personal computers. Windows 10 is used on 900 million devices, according to recent numbers from Microsoft.

Microsoft said that Windows 7 users can still use their computers after Tuesday, but the company warns they will be at “greater risk for viruses and malware.”

Microsoft is encouraging users and businesses to upgrade to Windows 10 for $139 or to buy a new device running Windows 10 if their computer is more than three years old. Microsoft previously offered a free upgrade from Windows 7 to Windows 10 when it launched its latest operating system over four years ago.

Like other operating system makers, Microsoft regularly ends support for its outdated software. So, while Windows 7 will continue to work after January 14, 2020, your workplace should start planning to upgrade to Windows 10, or an alternative operating system, as soon as possible.

Windows 7 EOL: Upgrading to Windows 10

With this in mind, if your business is still using Windows 7, the most seamless option may be to upgrade to a newer operating system. There are a number of options on the market today, including newer versions of Windows and operating systems from other providers, but if you want to keep it simple, the easiest option is to upgrade to Windows 10.

This is likely the best option for a number of reasons, chiefly that both operating systems are made by Microsoft, so the upgrade process is reasonably easy, especially if you are updating a large number of office or workplace devices at once.

Staying with Windows also means there should be less disruption for your workforce, as most popular Windows 7 programs have been updated to work on Windows 10. The two operating systems also have numerous similarities when it comes to layout and interface, and in many cases, you can preserve the files on your PC.

However, it is important to remember that until your systems are upgraded to the latest version, your devices will be vulnerable to threats looking to exploit any unpatched security flaws in Windows 7, such as the CryptoAPI vulnerability reported by the NSA. It is unclear whether Microsoft will release an out-of-band patch for this critical vulnerability as they have in the past with Windows XP.

NSA Reported Crypto Bug: Why Patches are Integral to Security

Discovered and reported by the US National Security Agency (NSA), a cryptographic vulnerability impacting Windows operating systems was found to allow an attacker to “sign a malicious executable, making it appear the file was from a trusted, legitimate source.” Fortunately, Microsoft has released a security update as of January 14, 2020, to fix the issue.

However, besides fake file signatures, the crypto bug could also allow an attacker to fake digital certificates, according to Microsoft’s advisory.

CVE-2020-0601: Windows CryptoAPI Spoofing Vulnerability

A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.

An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider.

A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software. The security update addresses the vulnerability by ensuring that Windows CryptoAPI completely validates ECC certificates.
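A defensive check related to the ECC validation issue described above, as an added example that is not from Microsoft's advisory or from this post: NSA's advisory for CVE-2020-0601 flags certificates that carry explicitly defined elliptic-curve parameters instead of a named curve, so this code classifies that field in a DER-encoded SubjectPublicKeyInfo. The function names are hypothetical and the sample bytes are constructed for illustration.

```python
# Added example: classify the ECParameters CHOICE (RFC 5480) inside a
# DER-encoded SubjectPublicKeyInfo. Standard library only.
EC_PUBLIC_KEY_OID = bytes.fromhex("2a8648ce3d0201")  # id-ecPublicKey, 1.2.840.10045.2.1
KINDS = {0x06: "named-curve", 0x30: "explicit-parameters", 0x05: "implicit-curve"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER value runs past end of input")
    return tag, buf[pos:pos + length], pos + length

def ec_params_kind(spki_der):
    """Say how an EC public key identifies its curve ('not-ec' for other key types)."""
    outer_tag, spki, _ = read_tlv(spki_der, 0)
    alg_tag, alg, _ = read_tlv(spki, 0)  # AlgorithmIdentifier
    if outer_tag != 0x30 or alg_tag != 0x30:
        raise ValueError("expected SEQUENCE { AlgorithmIdentifier SEQUENCE, ... }")
    tag, oid, pos = read_tlv(alg, 0)
    if tag != 0x06 or oid != EC_PUBLIC_KEY_OID:
        return "not-ec"
    if pos >= len(alg):
        return "missing-parameters"
    # A named curve is an OID; a SEQUENCE here means the certificate supplies
    # its own curve definition, which deserves review before it is trusted.
    return KINDS.get(alg[pos], "unknown")

def tlv(tag, body):
    """Encode one DER element; only used to build the samples (bodies < 256 bytes)."""
    n = len(body)
    return bytes([tag]) + (bytes([n]) if n < 0x80 else bytes([0x81, n])) + body

# Constructed samples: structural shells only, not real keys or curve data.
KEY_BITS = tlv(0x03, b"\x00\x04" + bytes(64))
P256_OID = tlv(0x06, bytes.fromhex("2a8648ce3d030107"))  # prime256v1
NAMED = tlv(0x30, tlv(0x30, tlv(0x06, EC_PUBLIC_KEY_OID) + P256_OID) + KEY_BITS)
EXPLICIT = tlv(0x30, tlv(0x30, tlv(0x06, EC_PUBLIC_KEY_OID) + tlv(0x30, tlv(0x02, b"\x01"))) + KEY_BITS)
RSA = tlv(0x30, tlv(0x30, tlv(0x06, bytes.fromhex("2a864886f70d010101")) + tlv(0x05, b"")) + KEY_BITS)

if __name__ == "__main__":
    for name, der in [("named", NAMED), ("explicit", EXPLICIT), ("rsa", RSA)]:
        print(f"{name}: {ec_params_kind(der)}")
```

An "explicit-parameters" result is a reason to inspect the certificate, not proof of abuse.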

In consideration of the above information, Microsoft Windows 10 users should be sure to apply this patch immediately. The same is true for all critical patches; hence the decision, or lack thereof, to migrate away from the now obsolete Windows 7 platform could be cataclysmic for any business operation still using it.

If you require any further information on anything you read here, or would like to learn how Packetlabs can help secure your business, please contact us.