In a recent blog post titled “Helping customers shift to a modern desktop”, Microsoft has confirmed that from 14 January 2020, when the extended support for Windows 7 ends, they will only keep pushing security updates to Windows 7 users who have signed up to a monthly paid subscription. Microsoft also says that the subscription fee will increase every year.

Today we are announcing that we will offer paid Windows 7 Extended Security Updates (ESU) through January 2023. The Windows 7 ESU will be sold on a per-device basis and the price will increase each year.

The pricing has not yet been revealed and Microsoft is only making this offer to Windows 7 Professional users. Seems like if you want to keep your devices safe, you will soon have to upgrade to Windows 8 or 10.

Helping customers shift to a modern desktop
Source

 

[Lacius]

For those of you who will not and/or cannot upgrade to Windows 10, I recommend one of the following:

• If your computer isn't compatible with Windows 10, research why not and potentially fix it.
• If the incompatibility cannot be easily fixed, buy a new computer.
• Switch over to an actively supported Linux distro like Ubuntu or Lubuntu.

It's dangerous to stay on Windows 7 past January 14, 2020 (15 months from this post).

 

[Xzi]

DLC for your operating system. Peak capitalism right here. Good thing Valve is working on getting all Steam games running on Linux, Microsoft's greed may force me to make the switch sooner than I expected (on Win10 now).

 

[Dominator211]

wow just wow, microsoft had it perfect and now we have windows 10. lets hope react OS gets good enough by 2020 if not 2025

 

[WildDog]

If you know what you're doing, there's no risk to your legal Windows 7 license. In addition, Microsoft cannot currently discern between a Windows 10 upgrade done now and a Windows 10 upgrade done two years ago.

Are you really that naive, to think that MS, cannot discern when a license was first activate or upgraded? Trust me, they do black list keys from time to time.

 

[Sakitoshi]

It's dangerous to stay on Windows 7 past January 14, 2020 (15 months from this post).

What part of it is dangerous? is it gonna explode?
Windows 7 will continue to function as well as has been doing for years. This comes from someone currently running 10 and that has a "server" laptop running 7.

 

[Lacius]

Are you really that naive, to think that MS, cannot discern when a license was first activate or upgraded? Trust me, they do black list keys from time to time.

In short, one could have accepted the free upgrade offer years ago while postponing any license data being sent to Microsoft's servers, since the generation of GenuineTicket.xml is all done offline using gatherosstate.exe. This means a person can activate Windows 10 online using a legitimately generated GenuineTicket.xml without Microsoft knowing when the aforementioned file was created. Keys, particularly volume license keys, are blacklisted all the time when there's blatant piracy going on, but that's not at all analogous to what we're talking about.

Edit: And again, the above can be done without ever sending your Windows 7 license information to Microsoft, so it's not going to get blacklisted (not that it would anyway).

What part of it is dangerous? is it gonna explode?
Windows 7 will continue to function as well as has been doing for years. This comes from someone currently running 10 and that has a "server" laptop running 7.

From a security perspective, it's dangerous to use an operating system after it no longer receives security updates.

 

[Sakitoshi]

From a security perspective, it's dangerous to use an operating system after it no longer receives security updates.

I know, but tell me more about that "security" that updates bring.
I've been working with computers since I was a young lad and security has always been something that everyone talks about but no one can really grasp or explain. Those security updates aren't meant for home users, but enterprises.

 

[Lacius]

I know, but tell me more about that "security" that updates bring.
I've been working with computers since I was a young lad and security has always been something that everyone talks about but no one can really grasp or explain. Those security updates aren't meant for home users, but enterprises.

Security updates are meant for all users. There are more than enough examples of malware that take advantage of unpatched OS exploits.

 

[TotalInsanity4]

DLC for your operating system. Peak capitalism right here. Good thing Valve is working on getting all Steam games running on Linux, Microsoft's greed may force me to make the switch sooner than I expected (on Win10 now).

"Greed", as if this isn't them doing more than what they initially promised anyway

 

[Maid_Nanashi]

lol they really want us to get windows 10...fuck that. Yeah there ways around it...like always si I don't care about this dick move

 

[Captain_N]

I dont update my os. This mini i'm using with with win 7 ult 64 bit installed in 2012 has never been updated and its great. My windows xp sp2 desktop never received any updates. It has been used and ran 24/7 for 11 years. My 2009 gaming laptop with win 7 ult 64 never received an update and its great. Yeah i dont bother with updates or OS reinstall. I update clients pc i fix if they want it. Once my shit is running great i leave it alone.
If there is a major thing like the w32.blaster then ill patch just that.
The cpu exploites dont scared me. Nothing important is on any of my computers connected to a network. My good stuff is stored on disc on my shelf/hidden and on a never connected computer. Thats how i roll

 

[Sakitoshi]

Security updates are meant for all users. There are more than enough examples of malware that take advantage of unpatched OS exploits.

There we are again, you are explaining nothing.
We can also say that there are more than enough examples of illnesses in the world, but we aren't vaccinated for all of them.

I've even been in enterprises that completely disable windows updates because they do nothing but annoy users asking them to restart in the middle of the work.
Updates do prevent from some nasty malwares, but why restart when you can have a much more efficient software to deal with the problem?

 

[hamohamo]

Software compatibility will always be one reason why I keep a copy on stand by.

Businesses will also likely continue to use W7 because of the cost of licensing, testing, hardware/software upgrades, etc. We still use XP on some of our systems at work but they're restricted to certain tasks.

Every software that can be used on w7 can be used on 10

 

[kuwanger]

"I payed full for my NES, why did Nintendo stopped making new games for it? only 33 years have passed!"

Bad analogy is bad. Nintendo didn't stop supporting the NES, leave it a security nightmare that can be exploited by web sites (or possibly just malicious hosts attack tcp/ip ports), and sell you how you really need to buy NES 10 (free for a limited time) for them to actually continue to fix the bugs. No one is asking Microsoft to add new features or continue to develop games for Windows 7--that's up to other developers to decide. The point is if Microsoft' owns" Windows 7, then they should "own" all its problems.

 

[Lacius]

There we are again, you are explaining nothing.
We can also say that there are more than enough examples of illnesses in the world, but we aren't vaccinated for all of them.

You're being disingenuous when you say I'm not explaining anything. Malware can and does take advantage of operating system vulnerabilities. Logically, it's a good idea to patch those vulnerabilities. I also don't understand your point about real-world illnesses. Illnesses exist, so it's a good idea to get vaccinations when possible.

I've even been in enterprises that completely disable windows updates because they do nothing but annoy users asking them to restart in the middle of the work.
Updates do prevent from some nasty malwares, but why restart when you can have a much more efficient software to deal with the problem?

Enterprises shouldn't do that. Not applying security updates is a big part of why WannaCry happened. I'm not sure what you're suggesting.

Bad analogy is bad. Nintendo didn't stop supporting the NES, leave it a security nightmare that can be exploited by web sites (or possibly just malicious hosts attack tcp/ip ports), and sell you how you really need to buy NES 10 (free for a limited time) for them to actually continue to fix the bugs. No one is asking Microsoft to add new features or continue to develop games for Windows 7--that's up to other developers to decide. The point is if Microsoft' owns" Windows 7, then they should "own" all its problems.

What do people want from Microsoft?

 

[Sakitoshi]

You're being disingenuous when you say I'm not explaining anything. Malware can and does take advantage of operating system vulnerabilities. Logically, it's a good idea to patch those vulnerabilities. I also don't understand your point about real-world illnesses. Illnesses exist, so it's a good idea to get vaccinations when possible.

You really are explaining anything, you are saying something like updates are good because are good and malware is bad because is bad.
The illnesses analogy was to prove that not even in the real world you need to be 100% protected, you only need to take vaccines (updates) for the illnesses that are relevant (only important security holes).

Enterprises shouldn't do that. Not applying security updates is a big part of why WannaCry happened. I'm not sure what you're suggesting.

Shouldn't, but they do. They know that security updates are pretty useless unless it's for something that can realistically cause damage like Meltdown and Spectre.

 

[kuwanger]

What do people want from Microsoft?

From a legal perspective? The same thing as basically every company required to provide warranty of their goods: if you sell a knowingly defective good, list its defects. If you end a support program for fixing those defects, give a good reason why (just saying n years has passed is not generally sufficient, although that may be sufficient if you were upfront about it). Simply put, not even Microsoft knows all the defects in its own goods. It has no idea of the scale of how many defects they've fixed vs how many are left. Hence, they have in no way communicated to their customers the risks of buying Windows 7. By the same extension, they've not communicated to their customers the risks of buying Windows 10 because it's based on the Windows 8.1/8/7 code base.

With that degree of uncertainty, it would seem like they would be legally obligated to either (1) offer a refund or (2) offer some sort of free upgrade path. I don't know if Windows 10 would be a sufficient upgrade because it inherently is a different OS in many ways, most specifically in the way it forces updates (as much as it can) and posts ads using you as a monetary source. The last part, not being opt out, seems like a sufficient basis to argue that if there were a free upgrade option made to continue to get defect fixes, it'd have to include an opt out option for any such monetization scheme.

Edit: Put this in perspective, over Windows 7's entire life nearly every month there's been a "defect patch". Ie, over the span of a decade there's been over 100 defect patches. If you check CVE for Windows 7 you'll see listed 968 vulnerabilities. Even presuming there might be several duplicates, it makes clear that most of those defect patches have included bundles of multiple patches for vulnerabilities. Do you think after all that Windows 7 is now secure? This whole discussion is precisely because we all agree that that's highly unlikely.

 

[WildDog]

In short, one could have accepted the free upgrade offer years ago while postponing any license data being sent to Microsoft's servers, since the generation of GenuineTicket.xml is all done offline using gatherosstate.exe. This means a person can activate Windows 10 online using a legitimately generated GenuineTicket.xml without Microsoft knowing when the aforementioned file was created. Keys, particularly volume license keys, are blacklisted all the time when there's blatant piracy going on, but that's not at all analogous to what we're talking about.

Edit: And again, the above can be done without ever sending your Windows 7 license information to Microsoft, so it's not going to get blacklisted (not that it would anyway).

oh i see the method you mean, that's an old method... Try to do that method today on a Win 7 PC that never upgraded to Win 10 and be ready to get a lot a "0x803F7001" error.
Microsoft never stays the same, improve things to avoid exploits.
Black listing do happen to license for particular users, is not only for OEM license or Volume License.

In the end for anyone that wants to get Win 10, the faster way and cheaper way is to get a "gray market" key like the house of the cd keys and forget about work arounds.

I know, but tell me more about that "security" that updates bring.
I've been working with computers since I was a young lad and security has always been something that everyone talks about but no one can really grasp or explain. Those security updates aren't meant for home users, but enterprises.

LOL really, you think that updates that fix exploits in the OS are only for enterprises user?

 

[Lacius]

You really are explaining anything, you are saying something like updates are good because are good and malware is bad because is bad.

That's all it takes to demonstrate the need for security updates.

• Security vulnerabilities that are exploited by malware = bad
• Patching those security vulnerabilities so malware doesn't exploit them = good

The illnesses analogy was to prove that not even in the real world you need to be 100% protected, you only need to take vaccines (updates) for the illnesses that are relevant (only important security holes).

Any security vulnerability that could potentially be exploited by malware is relevant and should be patched. Also, and not to beat this dead horse of a false analogy, but if vaccines were an intangible and instantaneous resource like security updates, we'd probably be vaccinating against everything.

Shouldn't, but they do. They know that security updates are pretty useless unless it's for something that can realistically cause damage like Meltdown and Spectre.

WannaCry, and other attacks that weren't widely reported on the news, would like a word with you.

From a legal perspective? The same thing as basically every company required to provide warranty of their goods: if you sell a knowingly defective good, lists its defects. If you end a support program for fixing those defects, give a good reason why (just saying n years has passed is not generally sufficient, although that may be sufficient if you were upfront about it). Simply put, not even Microsoft knows all the defects in its own goods. It has no idea of the scale of how many defects they've fixed vs how many are left. Hence, they have in no way communicated to their customers the risks of buying Windows 7. By the same extension, they've not communicated to their customers the risks of buying Windows 10 because it's based on the Windows 8.1/8/7 code base.

With that degree of uncertainty, it would seem like they would be legally obligated to either (1) offer a refund or (2) offer some sort of free upgrade path. I don't know if Windows 10 would be a sufficient upgrade because it inherently is a different OS in many ways, most specifically in the way it forces updates (as much as it can) and posts ads using you as a monetary source. The last part, not being opt out, seems like a sufficient basis to argue that if there were a free upgrade option made to continue to get defect fixes, it'd have to include an opt out option for any such monetization scheme.

A few things:

1. Microsoft fully acknowledges that no operating system is 100% secure, and you accept these risks as a consumer of their products.
2. The fact that Microsoft is dropping support for Windows 7 in 2020 is not news. Anyone who purchased and/or used Windows 7 accepted these terms. They generally support an operating system for ten years, and they're very transparent about this.
3. Microsoft did offer a free upgrade path from Windows 7 to Windows 10.

Microsoft had no legal obligation to offer a free upgrade to Windows 10, and they have no legal obligation to offer a refund. No longer offering security updates for older operating systems is not a monetization scheme. To do so would be unsustainable, not to mention pointless.

oh i see the method you mean, that's an old method... Try to do that method today on a Win 7 PC that never upgraded to Win 10 and be ready to get a lot a "0x803F7001" error.

The method I described still works (if you know what you're doing), probably because they don't want to cut off users who took advantage of the upgrade offer when it was still available but never had their HWID sent to Microsoft's servers. However, there are better methods out there to activate Windows 10, like HWID generation.

Black listing do happen to license for particular users, is not only for OEM license or Volume License.

Blacklisting happens for very specific reasons unrelated to what we're talking about.

In the end for anyone that wants to get Win 10, the faster way and cheaper way is to get a "gray market" key like the house of the cd keys and forget about work arounds.

HWID generation is probably the easiest way to legitimately activate Windows 10, which doesn't require upgrading a previously installed OS.

 

[bodefuceta]

I live in a small town and used to format install some people's OS, for free. I tried installing Windows 10 for some people, but they all return with something broken not long after. Over 90% of people are not fine using a modern and stable (this excludes all proprietary-) system, therefore I discontinued this service. Thanks MS.