In January 2020, Microsoft officially discontinued support and updates for Windows 7, officially concluding the five-year notice period its customers were given to make the move to Windows 10. 

Among many benefits of making the move to Windows 10, security stands out, and there are a number of reasons to make the switch to the newer operating system. With cybercrime continuing to rise and showing no signs of slowing down, running Windows 7 on your organization’s devices could have devastating consequences.

In this article, we’ve outlined some of the main security upgrades that your organization will benefit from simply by moving from Windows 7 and Windows 10. We’ve broken this down into the 6 main security weaknesses that have developed in Windows 7 over time, and also the 10 main security benefits of moving to Windows 10. 

What are the security flaws of Windows 7?

To get started, let’s look at some of the main security flaws that firms still using Windows 7 risk by running the older platform. 

1. It can’t cope with the number of security updates – Windows 7 is running Service Pack 1 which was brought out in 2011. A nine year old Service Pack simply isn’t capable of rolling out the hundreds of updates the operating system requires on a regular basis
2. Not all attack vectors are covered – Windows 7 relies on API hooking to detect malware; this isn’t as reliable a method, and does not cover all modern attack variables
3. File downloads are a weak point – the older operating system only checks downloads from Internet Explorer, meaning that files downloaded elsewhere are a potential liability
4. Passwords can be exploited – they and other login details can potentially be accessed from the Local Security Authority SubSystem (LSASS) via the Mimikatz tool
5. Admin-heavy – TLS 1.2 for WinInet and WinHTTP is not a default setting, and relies on IT administrators to manually action it whether or not the latest patch updates are installed
6. TLS 1.3 protocol isn’t supported – because of this it still relies on TLS 1.2 and its many vulnerabilities

Windows 10 and malware

With malware becoming such a big cyber security risk to businesses in the US and around the world, it represents the biggest acid test of Windows 10’s security credentials, and because of this, we start with malware. 

The newer incarnation offers a much greater suite of tools and plugins to guard against the threat of malware. So how does it stand up in reality?

Windows 10 has Early-launch antimalware inbuilt, which enables it to block suspect boot drivers from loading and therefore cutting off this entry point for malware. It also has Protection against “bootkits” – UEFI Secure Boot and Trusted Boot are both supported. This ensures that bootkits looking to exploit weaknesses in the opening stages of the boot process are detected and dealt with appropriately. Anti-malware services – specialised threat intelligence is reported back to vendors in order to understand and improve detection rates

So……. is Windows 10 more secure?

Ultimately, the question is then whether Windows 10 is more robust than Windows 7. As we’ve explored, the newer system boasts many additional security features and functionalities, but how is this playing out in reality?

While Forbes found high levels vulnerabilities still present in the system, these are generally accepted as being inevitable in this age of cyber security, and the increasing sophistication of the attacks that are carried out. So while the article was somewhat critical of the number of Windows 10 devices left vulnerable, it praised Microsoft’s response to those vulnerabilities with the finding that on average each was addressed within 36 days, calling the speed at which the corporation fixes vulnerabilities “remarkable”. 

What does this mean for your business?

Modern firms that rely so heavily on IT for everything from invoice payments to websites and marketing simply cannot afford to fall victim to cyber attacks. Although Windows 10 is not perfect, Windows 7 has now fallen a long way behind the curve and no longer runs security updates or supports the latest Intel or AMD processors. 

Given the number, range and sophistication of modern cyber security threats, patch updates have never been more important to maintain security – because of this, it’s highly recommended that your business moves to Windows 10. 

References

https://www.microsoft.com/en-us/microsoft-365/windows/end-of-windows-7-support

https://www.wired.com/story/how-mimikatz-became-go-to-hacker-tool/

https://www.acunetix.com/blog/articles/tls-vulnerabilities-attacks-final-part/

https://docs.microsoft.com/en-us/windows/security/information-protection/secure-the-windows-10-boot-process

https://www.forbes.com/sites/daveywinder/2020/04/21/the-average-windows-10-pc-has-14-weaponized-vulnerabilities-new-research-finds/#493478772fd9