Home > Categories > IT Asset Management > Windows 7 Reaches End of Life; Are You About to Pay the Price?

Software Category

IT Asset Management

Write Review

Windows 7 Reaches End of Life; Are You About to Pay the Price?

Last fall, Microsoft announced that it would be ending support for Windows 7 on January 14, 2020. This has come into effect. Windows will no longer release any updates for the Windows 7 operating system – including crucial security patches.

Microsoft did say it would offer a paid service for Windows 7 Extended Security Updates (ESUs) on a per-device basis, but even this program has limitations. The program is only available for larger clients to extend their current security coverage. This includes large businesses, government operations, and educational services. Second, the program caps out after three years, ending in 2023. Finally, the price for the ESU will increase in the following year.

Source: Support for Windows 7 ends in January 2020, Microsoft. Accessed January 22, 2020

Microsoft’s Windows 7 has a myriad of security flaws including a zero-day vulnerability. Yet, despite the flaws, Windows 7 is one of the most-used operating systems among businesses at 32.74% of operating system share. Without continual security updates, users of Windows 7 will be at risk for more sophisticated probing and hacking tools. It remains critical to update and assess your security programs regularly.

Our Take

Try to update your security systems to the newest versions when possible. These versions are up to date with the latest security features and are based in response to innovations so they can better respond to threats.

The cost of remaining on Windows 7 will also begin to add up. If it is not possible to upgrade for operational reasons, consider this example in Germany.

Germany’s federal government has already paid close to one million euros in ESUs to Microsoft for the continued use of Windows 7, and it’s still operating thousands of computers on Windows 7. This is not only a security risk – since the system will no longer be receiving any updates – but also a financial burden. Germany’s federal government has at least 33,000 computers still operating on Windows 7. This number of computers operating Windows 7 will end up costing over €800,000.

For North American companies, at around US$25 to $50 per device in the first year, the fees will add up similarly. It is estimated that it would cost $500,000 for an enterprise running 10,000 machines in the first year. Furthermore, the ESU fee is cumulative and will increase for each year a user does not update to a newer Windows version. In the third year alone, this will cost a business around $100 to $200 per device.

The percentage of current Windows 7 users in Germany is comparable at 19.77% to North America’s 19.61%. This means that North American businesses are likely to pay far more – accounting for population – over the coming years in ESUs. With around 200 million PCs worldwide still running Windows 7, the costs businesses pay for ESUs will be staggering.

Current Windows 7 users should consider both the fiscal and security consequences of not updating to a newer version of Windows.


Want to Know More?

Develop and Implement a Security Incident Management Program

Design and Implement a Vulnerability Management Program

Build a Vendor Security Assessment Service

Other Recent Research in IT Asset Management

IT Asset Management

Qualys and Ivanti Partnership Boasts an Incredibly Robust Vulnerability Management Platform

Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.

IT Asset Management

RiskSense Releases a Unified Infrastructure Security Risk Management Program

RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.

IT Asset Management

Address the Root of Your Vulnerabilities in a Resource-Tight Period

Cyberthreats are omnipresent for any enterprise. Monitoring ingress and egress points while still conducting business is a balance security professionals attempt to strike. Couple this with the continued security issues around remote work during the pandemic, and security teams have their hands full.

IT Asset Management

Kenna Security Releases Tool for the Custom Benchmarking of Vulnerability Management Programs

On May 26, Kenna Security released its new Prioritization to Prediction Benchmark Survey. This free tool provides organizations with the ability to compare their vulnerability management programs to industry averages Kenna Security has compiled over the years.