Wayne’s IT Security Blog

Windows Server 2008 R2 End of Life Support is nearing: January 14 2020

Only 6 Weeks until Microsoft ends the life of some of its most popular products.

These products include: Windows Server 2008, Windows Server 2008 R2, Office 2010, Windows 7, and selected business server software.

What does that mean for your business?

1. You’ll lag behind your competitors:

There are no patches or updates for old software, leaving businesses
still using it lagging behind competitors.

2. Outdated servers like Windows Server 2008 R2 costs more to run:

Old software costs more to run. Companies that upgrade to smarter,
faster, more secure systems and migrate to the cloud, save a fortune over time with drastically reduced capital costs.

3. You will be vulnerable with Windows Server 2008 R2:

Hackers love end of life operating systems, because it’s far easier to exploit.
The combination of no more security updates and lots of unpatched
holes makes it a prime target for cyber criminals.

4. Windows Server 2008 R2 will not be GDPR compliant:

Organisations that fail to protect their customers’ data are not compliant with GDPR. One of the main criteria of the new regulation is that
you have to use up-to-date, secure operating software, so if yours is falling short then all the hard work you did in 2016 will have been for nothing.

What if I don’t upgrade or replace Windows Server 2008 R2 by January 14th, 2020?

Imagine using a product that a company doesn’t want to take responsibility for anymore. You’ll be using the product at your own risk. This means that Microsoft will not take responsibility for loss of data due to security breaches.

What shall I do?

If you haven’t upgraded yet, it’s best to seek the help of an IT professional. This is a good way to ensure that everything is upgraded correctly and that all firewalls and antivirus are in place and working optimally. Depending on what type of hardware and software you’re using, you may need to take specific steps to make sure everything is fully compatible.

To meet with a member of our team or discuss your needs, please contact the ITCS support desk on 08456 400200 or email support@itcs.co.uk and we will be happy to help.

WebWindows Server 2008 R2 End of Life Support is nearing: January 14 2020

Windows 7 End of Life Support is nearing: January 14 2020

Only 6 Weeks until Microsoft ends the life of some of its most popular products.

These products include: Office 2010, Windows 7, and selected business server software.

What does that mean for your business?

1. You’ll lag behind your competitors:

There are no patches or updates for old software, leaving businesses
still using it lagging behind competitors.

2. Old software like Windows 7 costs more to run:

Old software costs more to run. Companies that upgrade to smarter,
faster, more secure operating systems, such as Windows 10, and migrate to the cloud, save a fortune over time with drastically reduced capital costs.

3. You will be vulnerable with Windows 7:

Hackers love end of life software, because it’s far easier to exploit.
The combination of no more security updates and lots of unpatched
holes makes it a prime target for cyber criminals.

4. Windows 7 will not be GDPR compliant:

Organisations that fail to protect their customers’ data are not compliant with GDPR. One of the main criteria of the new regulation is that
you have to use up-to-date, secure software, so if yours is falling short
all the hard work you did last year will have been for nothing.

What if I don’t upgrade or replace my machines by January 14th, 2020?

Imagine using a product that a company doesn’t want to take responsibility for anymore. You’ll be using the product at your own risk. This means that Microsoft will not take responsibility for loss of data due to security breaches on Windows 7.

What shall I do?

At ITCS, we have already upgraded many of our customers to the replacement Windows 10 platform.

If you haven’t upgraded yet, it’s best to seek the help of an IT professional. This is a good way to ensure that everything is upgraded correctly and that all firewalls and antivirus are in place and working optimally. Depending on what type of hardware and software you’re using, you may need to take specific steps to make sure everything is fully compatible.

To meet with a member of our team or discuss your needs, please contact the ITCS support desk on 08456 400200 or email support@itcs.co.uk and we will be happy to help.

WebWindows 7 End of Life Support is nearing: January 14 2020

ITCS responds to publicity surrounding CPU Chipset Vulnerabilities

Wayne Harris, Compliance Officer & Cyber Security expert at ITCS discusses the impact of the much-publicised chipset vulnerabilities revealed on 3 January.

There has been a flurry of publicity surrounding vulnerabilities identified within the Intel chipset (processors), however this vulnerability also affects other mainstream manufacturers AMD and ARM.  Together, these manufacturers provide the vast majority of processors in use by modern computer manufacturers.

Who is at risk and what is the threat?

The two vulnerabilities which have been revealed, ‘Meltdown’ and ‘Spectre’ affect every modern computer containing one of these processors, i.e. the majority of PCs on the market.  The CPU chipset vulnerabilities are present in most of the processors produced in the last decade and in certain circumstances the vulnerability allows access to contents of protected memory areas by some applications such as javascript in web browsers.

That said, despite the hype, the threat is currently considered low on the Common Vulnerability Scoring System (CVSS).

What is being done to tackle the risk?

The underlying vulnerability is primarily caused by CPU architecture design choices, so fully removing the vulnerability will require the replacement of the CPU hardware.  The true long-term solution will be the replacement of the vulnerable chipsets entirely – but don’t expect a product recall any time soon.

While it may be technically accurate to say a completely redesigned chip is the ultimate solution, large-scale hardware replacements would possibly amount to a needless, over-the-top reaction.  It is unlikely that manufacturers will offer chip replacements – we expect them to instead provide a solution to fix any chipset vulnerabilities with a patch.

Microsoft, Apple and other Operating system vendors have all responded quickly and they have released (or are working on) solutions which will ‘patch’ these vulnerabilities.

Will I notice any difference when my PC is patched for chip vulnerabilities?

Unfortunately, at present there is a performance cost to this patch solution –  because the solution involves segregating the kernel into a completely different address space, it takes additional time to separate the memory addresses and switch between the two.  The impact on performance will vary – anything from a 5% to 30% reduction in processing speed can be expected.

How are ITCS responding?

At ITCS, we have been monitoring the vulnerability since the news broke.

We have already implemented a roll out of the Microsoft patch update throughout our contracted customers to address these vulnerabilities.  Users may have had to restart their computers to apply the changes, and we will monitor these installations to ensure our customers continue to be protected with up‑to‑date vulnerability patching.

How should our customers respond?

This vulnerability highlights the need and importance of regular vulnerability reviews, and the timely installation vendor patching to reduce the risks to businesses from cyber-attack.

For a review of your cyber security, please contact ITCS on 08456 444 200, or use the call back request to speak to one of our support team.

 

 

WebITCS responds to publicity surrounding CPU Chipset Vulnerabilities