What you need to know
- Windows 7 and Windows Server 2008 will reach end-of-life in January, 2020.
- One security group, 0patch, has laid out plans to issue their own micropatches after Microsoft ends its support.
- 0patch is ramping up its processes now to start deploying patches after official support ends in January.
Windows 7 and Windows Server 2008 will reach end-of-life status in January of 2020, meaning Microsoft will stop shipping security fixes unless organizations pay for extended support. One group, however, is looking to keep both secure by issuing their own "micropatches" for both Windows 7 and Windows Server 2008 after Microsoft's official support ends.
As detailed in a recent blog post, 0patch, a group backed by security research firm ACROS Security, has laid out a plan to develop and deploy patches for high-risk vulnerabilities in Windows 7 and Windows Server 2008 after January, 2020.
The patches will be developed based on the security advisories Microsoft posts with each Patch Tuesday for Windows 10. 0patch says that its team will determine which high-risk vulnerabilities are present in Windows 7 or Windows Server 2008 and then develop proof-of-concept (POC) tests for triggering vulnerabilities. From there, 0patch plans to develop and deploy fixes on their own. From 0patch:
Once we have a POC and know how the vulnerability was fixed by the people who know the vulnerable code best (i.e., Microsoft developers), we'll port their fix, functionally speaking, as a series of micropatches to the vulnerable code in Windows 7 and Windows Server 2008, and test them against the POC. After additional side-effect testing we'll publish the micropatches and have them delivered to users' online machines within 60 minutes.
The plan sounds ambitious, but the firm is hoping it can be used as a stop-gap for large organizations who may not be ready to update to Windows 10 and want to keep their Windows 7 and Windows Server 2008 machines secure. The group is currently working on its own central management service that allows administrators to set up groups of computers and use different policies for them.
Earlier this year, Microsoft began warning Windows 7 users about the OS's impending end-of-life date on January 14, 2020. Those still running Windows 7 on personal PCs are encouraged to move to Windows 8.1 or Windows 10, but enterprises can opt to pay for extended security support.
We may earn a commission for purchases using our links. Learn more.
Microsoft's cloud will power CES 2021
CES is going all-digital next year, and it's tapping Microsoft to power the experience. Microsoft and CTA announced today that Microsoft services like Teams, Azure, and Power Platform will all be used to put together next year's show.
Xbox Smart Delivery Games List
The full list of Xbox Series X and Xbox Series S titles committed to Smart Delivery support, and other free visual upgrade offers headed into next-generation consoles.
Xbox game store pages are still a nightmare for non-English speaking users
Microsoft's push for global gaming is still set back by this basic feature disparity.
Best Skins and Cases for Dell XPS 13 2-in-1 2020
The Dell XPS 13 2-in-1 is one of the best convertible laptops on the market, but what type of skin or case should you get for it? Here's what we think.