Security News

With no bug fixes or patches available for Windows 7 after Jan. 14, Veritas CIO John Abel offers tips to safeguard the PCs in your organization.

Simply put, we took the next 10 Windows malware samples that showed up for analysis at SophosLabs, checked that they ran on the previous versions of Windows and then threw them at the all-new Windows 7. The problem is that "New" malware samples, together with new vulnerabilities and exploits, are likely to work on old Windows 7 systems in much the same way, back in 2009, that most "Old" malware worked just fine on new Windows 7 systems.

Windows 7 has reached end of life on Tuesday, January 14, 2020, but hundreds of millions of PCs worldwide still run the operating system, which likely makes them a more tempting target for malicious cyber actors. It's worth noting that when Windows XP reached end of life in April 2014, the operating system also had a market share estimated at roughly 30%. The most obvious solution is to upgrade to Windows 10, which provides significant benefits both in terms of functionality and security.

Microsoft on Tuesday will offer its final, free updates and security fixes for its Windows 7 operating system as well as Office 2010. "After 10 years, support for Windows 7 is coming to an end on Jan. 14 in a planned activation to transition users towards Windows 10," a Microsoft spokeswoman tells Information Security Media Group.

What's so special about the latest Patch Tuesday is that one of the updates fixes a serious flaw in the core cryptographic component of widely used Windows 10, Server 2016 and 2019 editions that was discovered and reported to the company by the National Security Agency of the United States. What's more interesting is that this is the first security flaw in Windows OS that the NSA reported responsibly to Microsoft, unlike the Eternalblue SMB flaw that the agency kept secret for at least five years and then was leaked to the public by a mysterious group, which caused WannaCry menace in 2017.

Organizations still running Windows 7 are now officially living on borrowed time. SEE: What to do if you're still running Windows 7.

Attackers exploiting critical Citrix ADC, Gateway flaw, company yet to release fixesNearly a month has passed since Citrix released mitigation measures for CVE-2019-19781, a critical vulnerability affecting Citrix Application Delivery Controller and Citrix Gateway, which could lead to remote code execution. PCs still running Windows 7 will soon be significantly more at risk of ransomwarePCs still running when Windows 7 reaches end of life on the 14th of January will be significantly more at risk of ransomware, Veritas Technologies has warned.

Cynet 360 autonomous breach protection is a good example of a multilayered advanced protection solution that can enables organizations who run Windows 7 to remain secure despite the end of support. "The reality is that Windows 7 is alive and kicking in many organizations even if Microsoft chooses not to protect them anymore. It should be a wake-up call to any CISO to ask himself or herself how to adjust to this new reality".

Only certain cameras support Windows Hello facial recognition, and you have to set up the feature for it to scan and recognize your face. On the plus side, if you're able to set up facial recognition, you can use it for more than just signing in to Windows 10.

PCs still running when Windows 7 reaches end of life on the 14th of January will be significantly more at risk of ransomware, Veritas Technologies has warned. Businesses running Windows 7 should prepare themselves in order to avoid the impact that vulnerability to ransomware could have on their organizations.