Moving away from Windows 7 will help prevent unnecessary exposure to security vulnerabilities and also help to satisfy requirements that govern various regulatory and compliance frameworks.

Vulnerability

Microsoft® Patch Tuesday will continue on but January 14th saw the last freely-available software update for Windows 7. This is important to realize because end-of-life software and OS’s (like Windows 7) will no longer benefit from necessary security patches to provide protection.

Bad actors will continue to backport new vulnerabilities by specifically targeting shared software components. Currently supported systems will receive patches and updates for those new vulnerabilities however, unpatched, end-of-life software products will be vulnerable to emergent threats.

Keeping an eye out for new threats may provide further impetus to transition off of Windows 7.


cvedetails.com | mitre.cve.org

Compliance

Staying on Windows 7 can adversely impact the security and privacy of your environment and also may violate compliance frameworks. One specific example surrounds the Payment Card Industry Data Security Standard (PCI-DSS) and the 6.2 requirement:

“Ensure that all system components and software are protected from known vulnerabilities by installing applicable vendor supplied security patches. Install critical security patches within one month of release.”

As well, under the Health Insurance Portability and Accountability Act (HIPAA), unsupported software is not compliant. Remaining on Windows 7 may also increase the potential for exposure of Personally Identifiable Information (PII).

Options

Based on your use case, a number of options may be available, including:

Join the Cadence Team

We take great pride in offering a large degree of flexibility to our employees by hiring independent professionals who can manage themselves.

View Open Positions