The US Federal Bureau of Investigation (FBI) has warned enterprises of a potential increase in cyberattacks on devices running Windows 7 in their network. On January 14, Microsoft announced Windows 7 end of life (EOL), and enterprises were advised to migrate to Windows 10 as soon as possible. For companies that plan to stick with Windows 7 and utilize extended security updates, Microsoft is offering volume licensing programs.

End-of-life operating systems receive fewer security updates and are more prone to vulnerabilities, making these hot spots for the execution of malicious activities. When Windows XP end of life was announced in April 2014, some companies tried sticking with Windows XP, which later ended up being a costly decision for many of them when the EternalBlue vulnerability was widely exploited using WannaCry and Petya ransomware in May 2017.

Another example of a vulnerability affecting outdated OSs is the wormable BlueKeep vulnerability that affected the Remote Desktop Connection (RDC) services in Windows. With these past cases a stark reminder of the risks of running outdated OSs, the FBI is warning enterprises about the consequences of running end-of-life software and advising them to to protect their network from cyberattacks by upgrading to the latest operating system.

For enterprises that are migrating, they have their own challenges ahead: migrating their entire network to Windows 10 in short span of time. There can also be significant costs to upgrading hardware so that it's compatible with Windows 10, but the cost is still nothing compared to the aftermath of a cyberattack.

How to simplify migration to Windows 10

For enterprises that already own SCCM, Windows 10 migration will take several steps, but with ManageEngine OS Deployer, the entire process can be automated. Admins can:

  • Create an OS image using offline and online imaging procedures.
  • Customize the image based on the user or department.
  • Use advanced techniques to deploy the custom image.

Additionally, OS Deployer offers the User State Migration Tool (USMT) to facilitate migration of OS settings, access-control lists (ACLs), applications, security settings, configurations, and user accounts, reducing the time and effort required for migrating.

If you can't migrate immediately, step up your defenses

Enterprises that are not in a position to immediately migrate to Windows 10 are advised to improve their cyber defenses to reduce their chances of falling victim to a cyberattack.

To secure your network and devices, you should:

  • Employ a antivirus solution to remove malicious programs and files instantly.
  • Ensure firewall, spam filters, and security configurations are up to date.
  • Regularly monitor and audit device logs, and separate unpatched devices from critical ones.
  • Close unnecessary ports, and employ multi-factor authentication (MFA) and Zero Trust security.

The critical security loopholes for Windows 7 devices will be unpatched OSs and application vulnerabilities. Organizations that have subscribed to extended security updates will be able to apply security updates for the time being. However, the best solution is migrating to Windows 10 before it's too late, and your network falls victim to an attack.