FBI PIN: Computer Network Infrastructure Vulnerable to Windows 7 End of Life Status, Increasing Potential for Cyber Attacks

The FBI has published a (TLP:WHITE) Private Industry Notification (PIN) advising that continuing to use Windows 7 within an enterprise may provide cyber criminals access into computer systems. Microsoft ended support for the Windows 7 operating system in January 2020, and the FBI observes that cyber criminals target computer network infrastructure after an operating system achieves end of life status. It notes that as time passes Windows 7 becomes more vulnerable to exploitation due to lack of security updates and new vulnerabilities discovered. The FBI acknowledges that migrating to a new operating system can pose its own unique challenges, such as cost for new hardware and software and updating existing custom software. However, it submits that these challenges do not outweigh the loss of intellectual property and threats to an organization. In its list of recommendations, the FBI advises upgrading operations systems to the latest supported version, which it notes was also recommended by Microsoft and other industry professionals.