Microsoft ends support for Windows 7 after 10 years

Alonzo Simpson
January 16, 2020

The notification won't show up on devices running Windows 10 Professional with Extended Security Updates (ESU) and on domain-joined systems or machines in kiosk mode.

Microsoft has kicked off the new decade with fixes for half a century of vulnerabilities, including one discovered by the NSA that could allow hackers to spoof digital certificates to bypass security measures.

While most of us who commonly use computers already known that Windows 7 is no longer supported, many have no idea.

The security flaw leaves Windows vulnerable to a broad range of exploitation vectors, and the NSA expects remote exploitation tools to quickly become widely available. Microsoft has since admitted on 14 January it was now aware of the threat and issued a critical security patch.

Fast forward a few years and Windows 10 adoption has been steady, if not downright impressive.

To make sure anyone who was unaware is alerted to the fact that no more security updates will be available, full-screen warnings are now being displayed.

There are numerous signs that Windows 7, especially in the public sector, is even more widespread. "I don't know...just call it a hunch?"

You need to update Firefox if you use the platform.

Satya Nadella on CAA: Hoping immigrants can benefit Indian society, economy
Nadella, 52, is one of the two top tech leaders in the USA of Indian origin, apart from Sundar Pichai who heads Google . Pramila Jayapal, who said "Thank you ⁦@satyanadella⁩ for speaking out & raising your voice about the #CAA".

That's a huge number, and with Microsoft no longer pushing out updates, it could make Windows 7 a more attractive target for hackers. But system admins are advised to apply the CVE-2020-0601 patch immediately.

Nevertheless, the error happens to be a major one and Microsoft can consider itself fortunate it was found by the premier security agency before any hacking groups having ulterior motives.

She added that the agency had decided to make its involvement in the discovery public at Microsoft's request.

Security experts were quick to warn about the dangers associated with this flaw.

The bug doesn't affect Windows 8.1 or earlier Windows client operating systems, or Server 2012 R2 (and older) as they don't support ECC keys with parameters. U.S. companies are more likely to move on. Further, the company says that business users will also have the ability to launch Office apps from Edge directly.

Microsoft and the NSA both declined to say when the agency privately notified the company.

"Importantly, users are also urged not to trust website or emails with links that offer patches for the crypot32.dll", Cipot added.

"A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software", Microsoft also said.

Other reports by

Discuss This Article