Are You Still Running End-of-Life Windows Servers?

Are You Still Running End-of-Life Windows Servers?

Windows Server 2008 and 2008 R2 reached their end of life (EOL) on Jan. 14, 2020. What does that mean in practice? Well, any instances running these versions of Windows Server are no longer supported by Microsoft—no more automated fixes, updates, or technical assistance.


From a security standpoint, any exploits that appear after Jan. 14 that affect these specific versions of Windows will not likely be addressed for the vast majority of installations. Though there have been exceptions to end of support under unusual circumstances, such as the extension of support for Windows 10 in light of the unprecedented COVID-19 pandemic, such exceptions shouldn’t be expected to be the norm.


Through a sampling of some of our data, we realized that even as of the date of this post, there were many instances of Windows Server 2008 still running in the wild—and by extension, associated variations of dependent software, such as Microsoft Internet Information Services (IIS) version 7.0 and 7.5.We took a more systematic look at the prevalence of the different versions of Windows Server that are floating out on the open internet. We performed a number of internet-wide scans using Project Sonar, and fingerprinted the returned data using Recog, when possible, to enable us to identify specific versions of Windows Server.


What we found was alarming: Over the course of September 2020, 59% of all uniquely observed instances of Windows Server were unsupported, while 41% were supported. However, the uneven balance of dangerous versus safe services that we observed is not terribly unusual. It seems to be more the norm that t ..

Support the originator by clicking the read the rest link below.