Skip to main content

Legacy OS


Watch Out for Microsoft End-of-Life Announcements

By NewsNo Comments

Watch Out for Microsoft End-of-Life Announcements

Aging operating systems (OSes), browsers, and applications can bring plenty of trouble for the enterprise.

[vc_single_image image=”365252″ img_size=”full”]

The Risks of Legacy OS

Aging operating systems (OSes), browsers, and applications can bring plenty of trouble for the enterprise. And with Microsoft providing so much software to the world, its end-of-life announcements can have far-reaching consequences. Hackers know about now-unsupported systems and salivate when they find them lurking in the dark recesses of the network.

It may be hard to believe, but there are still plenty of Windows XP systems out there. Windows 7, 8 and Vista systems, too, are not uncommon. The obsolete Internet Explorer (IE) browser also remains in widespread use, despite its support being phased out and it being replaced by Microsoft Edge.

Hackers are fully aware of this. The Angler exploit kit that delivers malware and ransomware favors IE and Flash as its main avenues of incursion. Its malicious scripts are smart enough to avoid virus scanners, target specific IP ranges, and go after certain configurations. It has compromised close to 100,000 websites to date.

Despite these statistics, some studies show that almost half of users run outdated versions of browsers, Flash and Java. IE remains on millions of systems worldwide despite it being a notorious security weak spot for many years. Failing to detect the presence of these systems and remove them exposes the organization to a Pandora’s Box of security threats.

Windows 10 Issues

But it isn’t only IE and older flavors of Windows. There is no room for complacency even if the enterprise has all PCs, laptops, and tablets running on Windows 10. Microsoft just released a major update to that OS. It includes several key security features such as removing Flash from the OS as part of the installation, improvements to Windows Defender Application Guard, and a Windows Management Instrumentation (WMI) Group Policy Service (GPSVC) update to support remote work.

To make matters worse, Microsoft is no longer providing security updates for older versions of Windows 10. Version 1909 has reached end of life for systems. This impacts editions such as Windows 10 Home, Pro, Pro for Workstations, and Pro for Education, and Windows Server 1909. Yet these versions are less than two years old – some users may have only been on them a few months. Earlier version 1809 and 1803 have been abandoned. All editions of this version have reached end of service and will no longer receive any patches.

The official announcement said:

“Windows Update will automatically initiate a feature update for Windows 10 consumer devices and non-managed business devices that are at, or within several months of reaching end of servicing. For these devices, you can choose a convenient time for your device to reboot and complete the update. This keeps your device supported and receiving the monthly updates that are critical to security and ecosystem health.”

Central IT Management and Automation

There is a lot going on in the security, vulnerability, and patch/update front. So much so that it has become difficult for IT administrators to stay on top of things.

In those cases where enterprise users have to manually install, or at least authorize updates, you can count on a large percentage failing to carry through vital updates to successful implementation. Many just don’t realize the potential danger of delaying these updates.

That’s why it’s vital to centrally manage, and fully automate system and device patching. Syxsense Secure reviews, verifies, tests, and issues all patches within three hours of issuance. Its software can automatically deploy those patches to all users and devices.

Syxsense also contains a patch rollback function in one of the rare instances when a problem arises due to a new patch. This represents the most efficient way to deal with the onslaught of new patches. It also frees up IT and security personnel to take care of other urgent areas of security for the enterprise.

[vc_single_image image=”331859″ img_size=”full” css=”.vc_custom_1613682412229{padding-right: 200px !important;padding-left: 200px !important;}”]

Start Your Free Trial of Syxsense

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

[vc_btn title=”Start a Free Trial” style=”gradient-custom” gradient_custom_color_1=”#da4453″ gradient_custom_color_2=”#8a2387″ shape=”round” size=”lg” align=”center” link=”|||” css=”.vc_custom_1586908107967{margin-top: 15px !important;}”][vc_separator css=”.vc_custom_1552427883977{padding-top: 20px !important;padding-bottom: 20px !important;}”]

SHA-2 Required to Patch Windows 7 Onward

By News, Patch ManagementNo Comments

SHA-2 Required to Patch Windows 7 Onward

Microsoft will release a critical standalone security update for Windows 7 and Windows Server 2008 / R2 in March, which upgrades these operating systems for SHA-2 support.
[vc_single_image image=”27175″ img_size=”full”]

Due to weaknesses in the SHA-1 algorithm, and to align to industry standards, from July onward Microsoft will sign each Windows updates using the more secure SHA-2 algorithm only.

If you are still running legacy OS versions (Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2) you must update your OS to support the SHA-2 hash algorithms or you risk losing the ability to patch Windows.

Scheduled for the March release, Windows 7 and Windows Server 2008 R2 SP1 will receive the updated SHA-2 code support and it is essential this is deployed to your devices. The biggest threat of this decision will be users who have diverse multi distributed networks or where they have decided to deploy Windows Updates manually or have turned off WSUS.

[vc_single_image image=”26877″ img_size=”full” alignment=”center”]

Syxsense will include the SHA-2 support on any new content, meaning any device which needs the pre-requisite will automatically be installed to ensure patching is consistent and trustworthy.

[vc_btn title=”Get Started with Syxsense” color=”warning” size=”lg” align=”left” link=”url:%2Fsyxsense-trial|||”]