BlueKeep and other reasons to accelerate your Windows 10 migration

The end of support for Windows 7 starts January 14, 2020. That means free security support will also come to an end. Even if cost alone is not a big enough motivator to upgrade, mounting vulnerabilities and increasingly expensive security fixes are just not worth the risk of staying with the status quo.

blog 2

BlueKeep. If your business is running on Windows 7, it’s likely a moniker you’re all too familiar with. The high-severity vulnerability, first revealed by Microsoft and confirmed recently by researchers, is looming as the greatest potential “wormable” threat since the infamous WannaCry ransom attack wreaked havoc across the globe in 2017.

That’s the bad news. The good news is that Windows 10 is not vulnerable to this threat. That makes BlueKeep just the latest example of the growing urgency for organizations to upgrade to Microsoft’s next-generation operating system.

Despite Microsoft’s plans to end Windows 7 support next January, however, Windows 7 remains the most popular PC operating system worldwide, at 43% usage, according to research firm Avast’s PC Trends Report 2019. And it will likely remain a widely used OS for at least the next half-decade, according to Computerworld estimates. That’s five years after Windows 7 support ends in 2020, along with free security upgrades.

There are myriad reasons IT organizations stay put on an aging OS: it’s a stable enterprise backbone; users love it; upgrading presents its own stressors. But is it worth the risk to stay committed to Windows 7? Not when weighed against mounting vulnerabilities and increasingly expensive security fixes.

Getting to State of the Art

Windows 7 launched in 2009. A lot has changed in the security world since then. Attacks like BlueKeep are sophisticated, malicious, and strike on a global scale. “The technology, the level of social engineering, the level of craftsmanship that these attackers put into attacks has increased significantly,” says Brad Anderson, Corporate Vice President, Enterprise Experiences and Management at Microsoft. “If you think about what the state of the art in attacks was ten years ago, it might as well have been ten light years.”

Windows 10, the current state of the art, is designed with modern attacks in mind. For example, Defender ATP (Advanced Threat Protection), the anti-malware built into Windows 10, was developed to help protect against cyber threats, detect advanced attacks and data breaches, and automate security incidents. The Defender team recently released Threat and Vulnerability Management, new cloud-based technology that constantly scans the endpoints of an organization and flags known threats and vulnerabilities on Windows.

“We give a to-do list to the security organization that’s comprised of some of the most impactful exploits, organized in real time,” says Anderson. “As we learn [from telemetry] on a global scale, we’re automatically able to reprioritize every individual list for every single customer, helping them to understand where to spend their time.” And, ultimately, save time.

For IT and security teams dealing with a constantly evolving threat landscape, the prospect of mounting vulnerabilities and increasingly expensive security fixes are just not worth the risk of staying with the status quo.

Learn more to plan your shift to Microsoft 365.

Copyright © 2019 IDG Communications, Inc.