The ultimate Windows threat could be from Microsoft itself, FBI warns

If you are still persisting with Windows 7, which passed its end of support deadline on January 14, 2020, then you could be jeopardising the security of other PCs on the same network. That’s the latest warning from the FBI, which has cautioned Microsoft fans about the risk of not upgrading to Windows 10.

Windows 7 reached its end of life back in January, meaning the desktop operating system – first launched back in 2009 – will no longer receive security patches, even if users discover a deadly security flaw or issue that causes apps to crash. Unfortunately, this fact has not stopped millions of people from still using the out-of-date operating system.

Stats from NetMarketShare reveal Windows 7 retains almost a quarter (23.34 per cent) of the desktop operating system marketplace. Windows 7 is in second position in terms of the most used desktop software, behind first-placed Windows 10 (59.37 per cent).

But the ageing software is considerably ahead of the third-placed Mac OS X 10.15, which has a 4.53 per cent share of the market. And amid this ongoing widespread use of Windows 7, the FBI is warning of the risks of running the out-of-date OS.

The federal law enforcement agency has warned that private firms running Windows 7 on their machines are at an increased risk of network attacks. As reported in a post by Bleeping Computer, the FBI have noticed a trend in hackers targeting networks running operating systems that have reached their end of life.

The FBI said: “The FBI has observed cybercriminals targeting computer network infrastructure after an operating system achieves end of life status. Continuing to use Windows 7 within an enterprise may provide cybercriminals access into computer systems. As time passes, Windows 7 becomes more vulnerable to exploitation due to lack of security updates and new vulnerabilities discovered.”

Following the end of life cutoff date earlier this year, Windows 7 no longer gets free software updates or security patches. Windows 7 users can sign up for the Extended Security Update (ESU) programme that offers members access to security updates for an extra three years.

But this subscription service is only available for Windows 7 Professional, Windows 7 Enterprise, and Windows 7 Ultimate machines via volume licensing programmes. The FBI says the best way to protect against such threats is to be running an actively supported operating system that receives security updates. They said: “Increased compromises have been observed in the healthcare industry when an operating system has achieved end of life status.

“After the Windows XP end of life on 28 April 2014, the healthcare industry saw a large increase of exposed records the following year.”

Upgrading a whole fleet of Windows 7 machines will bring with it a cost, but it’s a small price to pay compared to the security threats businesses face otherwise. If firms are unable to update their network PCs to Windows 10 immediately then they are advised to follow a number of measures…

• Ensuring anti-virus, spam filters, and firewalls are up to date, properly configured, and secure

• Auditing network configurations and isolating computer systems that cannot be updated

• Auditing your network for systems using RDP, closing unused RDP ports, applying two-factor authentication wherever possible, and logging RDP login attempts
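
Logging RDP login attempts only helps if the log is reviewed. As an added example (not part of the FBI notice or the original article), this Python script reads a CSV export of Windows Security events and flags hosts that saw repeated failed RDP logons from one source address, and whether a successful logon followed. Event IDs 4624/4625 and logon type 10 are standard Windows values; the CSV column layout, host names, addresses and the threshold of three failures are assumptions made for the example.

```python
import csv
import io
from collections import defaultdict

# Constructed sample: Security-log events exported to CSV. The column layout,
# host names and addresses are assumptions for this example, not real data.
SAMPLE_EXPORT = """\
TimeCreated,Computer,EventID,LogonType,TargetUserName,IpAddress
2020-08-05T02:10:01,WS-ACCT-07,4625,10,administrator,203.0.113.45
2020-08-05T02:10:04,WS-ACCT-07,4625,10,admin,203.0.113.45
2020-08-05T02:10:09,WS-ACCT-07,4625,10,administrator,203.0.113.45
2020-08-05T02:10:15,WS-ACCT-07,4625,10,svc_backup,203.0.113.45
2020-08-05T02:11:30,WS-ACCT-07,4624,10,svc_backup,203.0.113.45
2020-08-05T03:00:00,WS-LAB-02,4625,10,guest,198.51.100.9
2020-08-05T03:00:02,WS-LAB-02,4625,10,guest,198.51.100.9
2020-08-05T03:00:05,WS-LAB-02,4625,10,test,198.51.100.9
2020-08-05T08:59:40,WS-ACCT-07,4625,10,jsmith,10.0.4.20
2020-08-05T09:00:02,WS-ACCT-07,4624,10,jsmith,10.0.4.20
2020-08-05T09:05:00,WS-LAB-02,4625,2,labuser,-
"""

FAILED, SUCCESS = "4625", "4624"  # Windows Security log: failed / successful logon
# Logon type 10 is RemoteInteractive (RDP). Hosts using Network Level
# Authentication can record failures as type 3; widen this set if so.
RDP_LOGON_TYPES = {"10"}

def review_rdp_logons(export_text, fail_threshold=3):
    """Flag (host, source IP) pairs with repeated failed RDP logons."""
    stats = defaultdict(lambda: {"failed": 0, "users": set(), "later_success": False})
    rows = sorted(csv.DictReader(io.StringIO(export_text)),
                  key=lambda r: r["TimeCreated"])
    for row in rows:
        if row["LogonType"] not in RDP_LOGON_TYPES:
            continue  # console, service and other non-RDP logons
        entry = stats[(row["Computer"], row["IpAddress"])]
        if row["EventID"] == FAILED:
            entry["failed"] += 1
            entry["users"].add(row["TargetUserName"])
        elif row["EventID"] == SUCCESS and entry["failed"] >= fail_threshold:
            entry["later_success"] = True  # success after a run of failures
    findings = []
    for (host, ip), e in sorted(stats.items()):
        if e["failed"] >= fail_threshold:
            kind = "success-after-failures" if e["later_success"] else "repeated-failures"
            findings.append((host, ip, kind, e["failed"], sorted(e["users"])))
    return findings

if __name__ == "__main__":
    for finding in review_rdp_logons(SAMPLE_EXPORT):
        print(finding)
```

A "success-after-failures" finding on a machine that cannot be updated is the case to investigate first, since it pairs an unpatched host with a possibly guessed credential.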
