The US Federal Bureau of Investigation (FBI) has issued a warning over security threats posed by the continued usage of Windows 7, retired by Microsoft earlier this year.
The much-loved operating system reached end of life on January 14, meaning security patches, software updates and technical assistance are no longer available – but many users have remained loyal to the outdated OS regardless.
However, according to the FBI notice, Windows 7 is attracting the attention of malicious cyber actors, who are seeking to take advantage of undiscovered security flaws in the no-longer-supported operating system.
Windows 7 customers that purchased an Extended Security Update (ESU) plan are the only exception; security support for these users will extend until January 2023.
Windows 7 end of life
According to the FBI, there is strong precedent for cyberattacks on unsupported Windows operating systems and remote desktop protocols.
With the vast majority of Windows 7 customers unable to patch their systems, the intelligence agency believes criminals will continue to look upon the operating system as a “soft target”.
“The FBI has observed cybercriminals targeting computer network infrastructure after an operating system achieves end of life status,” reads the FBI notice.
“Continuing to use Windows 7 within an enterprise may provide cybercriminals access into computer systems. As time passes, Windows 7 becomes more vulnerable to exploitation due to lack of security updates and new vulnerabilities discovered.”
To mitigate against the threat of attack, the FBI advises users adopt a “multilayered approach” to protection. This involves updating operating systems to the latest supported version (i.e. Windows 10), checking antivirus and spam filters are properly configured and isolating computer systems that cannot be updated.
“Migrating to a new operating system can pose its own unique challenges, such as cost for new hardware and software and updating existing custom software. However, these challenges do not outweigh the loss of intellectual property and threats to an organization,” added the FBI.