CJS Associates: IT Solutions for the Office and Cloud

Microsoft Security Flaws

shutterstock_735899782
Uncategorized

Microsoft Security Flaws

Life can be ironic, can’t it? We’re not just talking about the “Rain on your wedding day” kind of irony, either. It seems that Microsoft and anyone who works in the tech field — ourselves included — have been harping about how Windows 7 users need to upgrade before its End of Life happened on January 14th. And what else happened on that day?

Well, Windows 7 did meet its End of Life, but the NSA also came out with a warning that Windows 10 — and all other platforms that Windows 7 users were supposed to move to — had a massive security threat. So, how important is this, and more importantly, how does this affect you and your business?

Conflicting Stories

Microsoft has been pretty tight-lipped about this whole situation and has already rolled out a patch, although they’ve only labeled this as an important update, not critical like they have for similar issues in the past. Industry experts feel this can be a way of trying to play down a major issue, making it seem like this is nothing more than a minor hiccup. This might have worked had the NSA not said anything.

The NSA has been notorious at finding exploits in Windows, as well as other operating systems, so they can conduct surveillance without asking permission from software developers. In fact, the famous Wannacry virus was believed to have spread so quickly because hackers found an exploit that the NSA was using at the time. The reason we bring this up is that if the NSA is making this public and not merely keeping it to themselves like before, it must mean that this is a major issue that risks the security of more than just a handful of people. We’ll probably never know the real truth behind the matter, though we can guarantee that there is plenty of information that is not being shared with the general public.

The Windows 7 Connection

Both Microsoft and the NSA made their announcements on January 14th, so it stands to reason that this must have been a known issue for a while. Which begs the question, why didn’t anyone say something sooner? More likely than not, it was probably because Microsoft had been pushing the Windows 10 upgrade for so long that if those who hadn’t upgraded from Windows 7 heard about the gaping flaw, it might have given them an excuse to hold back.

From what it looks like, the issue stemmed from a program that interfaces with digital signatures and determines whether or not a program is legitimate and licensed. Somehow there was a vulnerability in the sequence that opened a door so huge, even the NSA considered it too much of a breach of privacy for individuals and businesses. As far as we know, this was not an issue on machines running Windows 7.

So, I Might As Well Stay With Windows 7, Right?

Not so fast, buddy. Yeah, we’ll be the first to admit that this whole situation doesn’t smell right and was most likely the result of Microsoft trying to save face, but don’t make this is an excuse to stay with Windows 7 if you haven’t already upgraded. Security concerns are a fact of life and having one doesn’t make Windows 10 any better or worse than other versions. Think about your favorite version of Windows and it probably had dozens of issues that needed to be resolved over the years. Yes Microsoft indeed caused this problem themselves and it wasn’t just a way in that hackers devised, but again, that’s to be expected from time to time. Both Microsoft and the NSA said that neither was aware of anyone having been pirated as a result of this vulnerability.

When it comes down to it, here is the hard fact of the matter: although this flaw in Windows 10 wasn’t great, it was fixed quickly, and any other issues or vulnerabilities will be continued to be fixed for the foreseeable future. Windows 7, on the other hand, is dead and is never coming back.

Think of it this way: would you still run Windows 95 on your computer? Chances are your answer would be an emphatic no. And why not? Most likely due to a lack of functionality and security issues. Well, if not Windows 95, why not Windows 98, NT, ME or XP? Probably for the same reasons as for Windows 95.

Although Windows 7 still works and was just recently updated, it’s no different than any other previous version of Windows. Those who still use older versions can be and are hacked regularly. Why? Because they aren’t supported, so hacking them gets easier every day.

Looking Ahead

We understand that if your business still hasn’t updated from Windows 7, there is most likely a good reason besides just being lazy. There are always several considerations to making changes, such as hardware upgrades, data migration, and even software compatibility. For a company that isn’t equipped for all of this, upgrading may be an overwhelming prospect. If you find yourself in that situation, please contact us to see how we can help your business move forward and stay there. Whether you need a one-time service or perhaps full MSP coverage, our team of professionals is here to help.