NVIDIA is dropping support for Windows 7, 8 and 8.1

[Armenius]

Game Ready updates will no longer be made for Windows operating systems prior to Windows 10 starting in October 2021. Critical security updates will still be offered on these legacy operating systems through September 2024.

https://nvidia.custhelp.com/app/answers/detail/a_id/5201/related/1

 

[Furious_Styles]

Game Ready updates will no longer be made for Windows operating systems prior to Windows 10 starting in October 2021. Critical security updates will still be offered on these legacy operating systems through September 2024.

https://nvidia.custhelp.com/app/answers/detail/a_id/5201/related/1

View attachment 366661

Well that might be it for my W7 install. Figured I only had through the end of the year anyhow.

 

[Armenius]

Well that might be it for my W7 install. Figured I only had through the end of the year anyhow.

Extended Support for 7 ended in January last year, so you've gone about 18 months without critical and security updates. 8.1 users have until January 2023. If anybody is still on 8, what is wrong with you?

 

[M76]

Extended Support for 7 ended in January last year, so you've gone about 18 months without critical and security updates.

We have computers running on 7 at work. There are still updates all the time. I don't know what kind, but it gets updates. Also if the computer is not sitting directly connected to the internet, then you need user error to have anything exploit a security vulnerability.

 

[Furious_Styles]

We have computers running on 7 at work. There are still updates all the time. I don't know what kind, but it gets updates. Also if the computer is not sitting directly connected to the internet, then you need user error to have anything exploit a security vulnerability.

Indeed, I also bought a 3rd party patcher for critical vulnerabilities. https://0patch.com/

 

[TaintedSquirrel]

Extended Support for 7 ended in January last year, so you've gone about 18 months without critical and security updates. 8.1 users have until January 2023. If anybody is still on 8, what is wrong with you?

I'm currently running a Windows 7 build that I put on a flash drive in July 2011. I only install indvidual patches that are sometimes required to make games/programs run.
"18 months" lol. I'm also typing this post from a 5-year old version of Firefox (v48).

With the amount of games requiring DX12 these days (plus RTX/DLSS) and Nvidia dropping support for win7, my switch to 10 is inevitable I guess.

 

[noko]

I'm currently running a Windows 7 build that I put on a flash drive in July 2011. I only install indvidual patches that are sometimes required to make games/programs run.
"18 months" lol. I'm also typing this post from a 5-year old version of Firefox (v48).

With the amount of games requiring DX12 these days (plus RTX/DLSS) and Nvidia dropping support for win7, my switch to 10 is inevitable I guess.

Isn't that a free upgrade anyways for you?

 

[GoldenTiger]

Isn't that a free upgrade anyways for you?

Yes.

 

[Sir Beregond]

Weird. I am still on 8.1 and last I checked was in extended support until 2023?

Not planning on W10 until I build the new rig.

 

[Armenius]

Weird. I am still on 8.1 and last I checked was in extended support until 2023?

Not planning on W10 until I build the new rig.

NVIDIA is still doing critical and security updates until 2024 for 8.1, you just won't be getting game updates after September.

 

[Sir Beregond]

NVIDIA is still doing critical and security updates until 2024 for 8.1, you just won't be getting game updates after September.

Hopefully will have new rig up by then.

 

[MrGuvernment]

We have computers running on 7 at work. There are still updates all the time. I don't know what kind, but it gets updates. Also if the computer is not sitting directly connected to the internet, then you need user error to have anything exploit a security vulnerability.

If that Win 7 computer is on the same LAN to any device connect to a firewall router - it can be exploited via other methods. If your work is still using Windows 7, I would be curious what other systems are out of data and no longer updated either? (routers / firewalls et cetera) that would be easily exploited.

 

[M76]

If that Win 7 computer is on the same LAN to any device connect to a firewall router - it can be exploited via other methods. If your work is still using Windows 7, I would be curious what other systems are out of data and no longer updated either? (routers / firewalls et cetera) that would be easily exploited.

What "other methods"? You mean physical access? I'd like to hear how do you exploit a windows 7 machine, that is not exposed from the internet.

As for routers and firewalls that is in no way related. Windows 7 machines are still used because there is software installed on these, that cannot be transferred.

I really don't like this alarmist bs: "oh you have windows 7 still then you must be the worst"

 

[Smoblikat]

I'm currently running a Windows 7 build that I put on a flash drive in July 2011. I only install indvidual patches that are sometimes required to make games/programs run.
"18 months" lol. I'm also typing this post from a 5-year old version of Firefox (v48).

With the amount of games requiring DX12 these days (plus RTX/DLSS) and Nvidia dropping support for win7, my switch to 10 is inevitable I guess.

Wow, youre more hardcore than me I just switched from my W7 box I built in 2012 to a new machine I built with W10, I dont use a version of firefox THAT old, but I do like waterfox classic

Are you using firefox ESR? We had to use that for some of our older building HVAC/security systems as it was one of the last versions to support them, some java incompatibility or somthing, I forget specifically.

 

[MrGuvernment]

What "other methods"? You mean physical access? I'd like to hear how do you exploit a windows 7 machine, that is not exposed from the internet.

As for routers and firewalls that is in no way related. Windows 7 machines are still used because there is software installed on these, that cannot be transferred.

I really don't like this alarmist bs: "oh you have windows 7 still then you must be the worst"

How are these windows 7 machines blocked from the internet?

Routers / Firewall can be exploited which can give someone full access to your LAN side from the internet. From there they move sideways to find systems that can be exploited, and Windows 7 is very easily exploited.

This is not alarmist BS, this is fact and what occurs every second of every day to systems not properly configured or patched regularly.

You do not need physical access. If these Windows 7 boxes are connected to a LAN...they can be exploited if someone gets into your LAN.

 

[MrGuvernment]

Most recent one
https://therecord.media/zyxel-says-...ting-its-enterprise-firewall-and-vpn-devices/


Before this it was SonicWall devices a couple months back.
https://heimdalsecurity.com/blog/the-sonicwall-bug-was-only-partially-fixed/

Cisco has had multiple exploits to gain access from the internet...you name it, all of them have and will have more exploits.

Are you running any 3rd party software from vendors that reach out to the internet? Or you pull down updates directly from their servers? Sure you know about the Solarwinds hack....many others like that are occurring often via supply chain attacks.

"It is not a matter of if you get hacked, but when....if not already"

I am sure your software has newer versions, but i do understand there are many aging control systems and such that have gone out of business and companies do not want to spend the usually very very very high costs to upgrade or move to a newer platform, but one day it will bite them in the butt.

If you are the I.T guy for your company and you do not have a Cyber Security person, I highly suggest you follow several well know security people on either LinkedIn or other sources and you will quickly see how easily someone is likely able to get access to your Windows 7 box.....

 

[M76]

How are these windows 7 machines blocked from the internet?

They have no public ip address, nobody can connect to them from the internet directly. Unless they installed a back door but that attack is not specific to windows 7.

Routers / Firewall can be exploited which can give someone full access to your LAN side from the internet.

What do you mean exploited? If someone can access the router and give themselves access then we are already lost, that doesn't have anything to do with Windows 7.

From there they move sideways to find systems that can be exploited, and Windows 7 is very easily exploited.

If someone gets full access to the lan, they already breached the network, they have nothing else left to gain by exlpoiting windows 7.

This is not alarmist BS, this is fact and what occurs every second of every day to systems not properly configured or patched regularly.

If it's not alarmist, then what is the exact windows7 exploit you are referring to?

You do not need physical access. If these Windows 7 boxes are connected to a LAN...they can be exploited if someone gets into your LAN.

If you are already inside what on earth do you need windows 7 for?

 

[MrGuvernment]

If someone is in your network via your firewall / router, it does not mean they have yet, access actual systems or servers or anything to just have full admin access to everything. Yes, they are in your network, but it is not "lost" yet. It is just one point they have breached.

They were able to exploit 1 single point. From there, they are going to look for the next easiest weakest target, to get further access into the network / company / resources. That next point is going to be when they find that Windows 7 box vs a fully patched windows 10 box for example.

https://www.cvedetails.com/product/17153/Microsoft-Windows-7.html?vendor_id=26

If that windows 7 box is domain joined and someone has logged into it with a domain admin or elevated account, they can hash the accounts on that system and now they have the elevated access to now do damage to your actual servers and windows based systems or use some other exploit to capture creds or spread say ransomware. (This happened with a client with a hired pen test that was done - this exact scenario) Or use another vulnerability.

This is why segmentation is very important in networks. Using layer 3 fully patched switches to handle VLANS and routing (not your router). With tight ACL's between all segments of networks, example

VLAN 2 - Management for switches / servers
VLAN 3 - Servers
VLAN 4 - workstations
VLAN 5 - Phone systems
VLAN 6 - Critical server such as Domain controllers and such
VLAN 7 - DMZ if needed

And the ACL rules between those VLANS are very strict only allowing the minimum requirements needed to communicate between them where needed, otherwise it is block all by default.

With this, someone could exploit your firewall/router but you are going to severely limit their access once they get in and with proper monitoring you should then pick up on someone trying to move through your network.

What is alarmist is people and companies thinking "I wont ever get hacked, we are not big / important enough to get noticed" Most comprises are drive by's....your system was exploitable after being scanned by scripted bots that scour the internet 24/7 looking for systems that can be compromised.

As noted before, it is not if, but when, you will get compromised at some point and most companies wont ever know until it is too late. They do not want to spend money on Cyber Security until after they have their data stolen and leaked and lose their customers and credibility.