• Is this the end of the road for Windows 7?

    Home » Forums » Newsletter and Homepage topics » Is this the end of the road for Windows 7?

    Author
    Topic
    #2438478

    ON SECURITY By Susan Bradley Vendors start to draw the line. Ahh, Windows 7. I remember when you first came out. I remember when people hated — truly
    [See the full post at: Is this the end of the road for Windows 7?]

    Susan Bradley Patch Lady/Prudent patcher

    5 users thanked author for this post.
    Viewing 13 reply threads
    Author
    Replies
    • #2438525

      Nice summary of UAC and it’s goal. But there’s a snag – in my opinion. More and more programs install themselves in the Users Profile folder – including Microsofts own apps. No UAC kicking in. So users can (and will) install lots of applications as they like, without the system admin’s knowing. To me, this possibility looks like a giant back door for malware to enter a system. Or am I overlooking something?

      • #2438560

        That means the software was installed with user rights not admin rights. It won’t be able to change sensitive areas of the OS without further permission. Yes, there could still be malware but you’ll have to authorize its activities.

        --Joe

        • #2438721

          Maybe the answer is yes and no? A user software on Windows can do everything a user can do, so unless you prevent running of any unapproved code, you could end up with malware that does pretty bad things even if it doesn’t run with administrative privilege.

          What is most precious on a PC, the OS portion or the user files? Sure, the OS portion might allow a deeper infestation but for some, when all their files have been encrypted or if they have been spied on and their passwords stolen, the OS might not have that much value left and you would reinstall from scratch or restore everything from a backup anyway.

          Don’t get me wrong, UAC was a great first step by having less software running with admin rights, but if you let any code run in user mode, you still have an open door. I think that was the point Simon made.

          Enterprise tools like Applocker can prevent this, but it is not available on lower editions of Windows. You could use SRP or something like the hardened mode of Avast (which I found pretty useful for some scenarios when configured properly) to prevent unknown code from running.

          Again, and I will sound like Susan because I think she is right on this, SMBs and home users get the short end of the stick with security as if it wasn’t important. A locked down ecosystem like IOS with a store that vets bad apps a bit can help, especially if you add a MDM that can prevent installation of unapproved apps. In that sense, Windows security is very old school compared to contemporary OSes where security is much stronger by design, especially considering that most people run only the same few apps. When I think about a standard Office PC with not much else than Office and Windows, it doesn’t make much sense to let anybody install whatever they want if you care a lot about security.

          And I still don’t understand why with so many great features Windows could develop aside from centering the start menu button, they don’t make it very easy to be able to run any browser in low-integrity mode where it can’t write anywhere except the download folder.

          Last, it was pretty depressing to read the very knowledgeable Mr.Brian here a while ago reporting that user code software could patiently wait to hijack an elevation prompt to get administrative rights by using special techniques, so it reduces the usefulness of UAC which has apparently never been presented in an official technical way as a way to truly run with limited rights like with the root/user distinction on Unix/Linux. Still, there is no denying that it improves security by the fact that it blocks some dumb code and force software to be less demanding in terms of access. Any progress is still progress.

          2 users thanked author for this post.
    • #2438539

      You write: “Firefox will drop support for Windows 7 and Windows 8.1 sometime after January 2023.”

      A quick Google search does not turn up any confirmation of this. Can you provide a link or a cite?

      • #2438659

        You write: “Firefox will drop support for Windows 7 and Windows 8.1 sometime after January 2023.”

        A quick Google search does not turn up any confirmation of this. Can you provide a link or a cite?

        i’m not a plus member so i can’t see whatever susan wrote, but for the last couple of years i’ve been estimating that mozilla will pull the plug on win7 support sometime in 2024, maybe 2025 depending on how things go with esr updates – for all of mozilla’s countless flaws, they did at least support firefox on xp and vista until mid-2018 with esr52, two years longer than google did with chrome, so that’s something i guess. they just recently announced that firefox 100 (there is no valid reason why firefox should already be at version 100) will require kb4474419 aka sha-2 support on to run on win7, a former mozilla employee on /r/firefox (heh) said that they’ll probably use the telemetry data they’ve collected to decide when they’re nixing win7 support – it’s been slowly declining for the last couple of years but as of this april it’s still at 17%, you can look at it here: https://data.firefox.com/dashboard/hardware

        personally i’m sticking to win7 until 2023 at the very least and with esr updates or 0patch, the right software, not to mention the same amount of common sense you’d use with literally any other os, i think it’ll be fine as a daily driver until at least 2025 or so which… isn’t exactly reassuring but it’s got a little while left at least before big tech abandons it entirely like they did with xp.  at least it’ll be entertaining seeing the sheer chaos that’ll arise when ms tries ditching windows 10 support around the same time…

        1 user thanked author for this post.
      • #2438920

        Hearing nothing but crickets, here’s my hypothesis.

        This guy “Iron Heart” posted an unsupported opinion on the ghacks forum:

        https://www.ghacks.net/2022/04/01/firefox-100-requires-the-windows-update-kb4474419-on-windows-7/#comment-4518591

        Cybertooth relied on Iron Heart’s comment to post this here:

        https://www.askwoody.com/forums/topic/firefox-100-for-windows-7-require-sha-2-kb4474419/

        And Susan relied on Cybertooth’s post.

        In sum, a classic case of internet factoid, also known as jumping to conclusions.  It is evident that Iron Heart’s assertion that “Firefox will drop Windows 7 and Windows 8.1 support sometime after January 2023” is based on nothing more than his statement that this is when Windows 7 ESU and Windows 8.1 regular support run out.  He does not cite any information put out by Mozilla.

        Other aspects of Susan’s article merit comment.  The opening discussion regarding Windows’ User Account Control is cute but unrelated to the clickbait title of the piece.  The article then moves on to the claim that “Support [for Windows 7] is beginning to wane.  Some vendors are requiring certain updates to keep running on Windows 7. For example, Firefox 100 requires that KB4474419 be installed.”  So how exactly does this demonstrate that support is waning?  KB4474419 is standalone update compatible with Win7.  It does not require a later version of Windows for it to be installed.

        4 users thanked author for this post.
        • #2438938

          Ironheart is a chromefanboi…pinch of salt with anything he scripts over there.
          With no official confirmation from the distributors, windups are prevalent especially from that poster

          Win8.1/R2 Hybrid lives on...
          2 users thanked author for this post.
          • #2439587

            Susan’s article was a missed opportunity.  The coming end of Microsoft extended support for Win7 does seem to represent a likely time for the purveyors of browsers to follow suit, but, based on past experience with Win XP, is this necessarily what will happen?  As one of those who may have to make some decisions, I would have appreciated reading some research on the question, or even some reasoning that would clarify what was known and what was merely assumed.  Instead, we get a provocative title (“end of the road for Windows 7”) and opening line (“Vendors start to draw the line”) that the article completely fails to substantiate.

            I expect better for my Plus membership.

    • #2438573

      I suppose I am an outlier in this crowd, but when my oldest PC was unable to run Windows Vista any longer, I converted it to Linux Mint. I have not regretted that decision.

      4 users thanked author for this post.
    • #2438654

      I plan on continuing to use my Windows 7 systems for the foreseeable future, as they are well protected by multiple lines of defense as outlined in my thread Keep Running Windows 7 Safely for Years to Come.

      The looming end of browser support for Windows 7 is a hard blow, no question about it. However, by implementing a multi-layered defense strategy similar to the above, I continued to use Vista successfully for years after the major browser vendors stopped updating their offerings for that OS. I eventually made the move to Windows 10 for two reasons: (1) the aging hardware on the Vista system started giving me headaches, and (2) websites were introducing technologies that my Vista’s static browsers could no longer handle adequately.

      If it were just number 2 above, I’d probably still be happily using Vista as my daily driver despite the inconvenience of sometimes not being able to print Web pages properly. Even so, there are still a number of small browsers that continue to support Vista, although entrusting my cyberlife to little-known developers is not a step that I’ve been willing to take.

      As I’ve said elsewhere, come 2023 fans of Windows 7 will have some hard choices to make. My choice will be to continue using Win7 as normal until either the hardware stops working or the browsers can no longer handle the evolving technology of the Web. However, this choice requires a commitment on the user’s part to both learn how to protect their Win7 system and to apply the knowledge thus gained. I don’t recommend it to anyone otherwise, and certainly not in an enterprise setting as those targets are much juicier and their users are on average less attuned to cybersecurity concerns.

      Long live Aero Glass!

       

      4 users thanked author for this post.
      • #2438671

        by now i honestly trust amateur software devs with my security more than actively evil, anti-user companies like microsoft and google – the inherent problem with independent web browsers, however, is that chrome more or less is the internet now to most people and it’s been that way for a long time. almost all browsers are based on chromium, google has defined web standards for ages now and they implement new features nobody but them asked for at such a rapid pace that nobody else can keep up, modern day web developers only test their sites (ahem,”web apps”) on chrome, and browsers are so bloated now that it’s been impossible for anyone to develop a new one from scratch for years. i rarely use chromium-based browsers for a multitude of reasons, but i’m dreading january 2023 simply because the modern web is going to become progressively harder to even interact with on windows 7 after that point. it’s not going to be fun, to say the least

        1 user thanked author for this post.
      • #2438752

        I am not going to get onboard this bandwagon until I see some documentation that Firefox is going to pull the plug on Win7.

        Susan?

        1 user thanked author for this post.
      • #2439363

        (This for Cybertooth-for some reason it didn’t go under his post as a Reply, though I hit that button. (?)

        That’s the spirit!

        I’ve watched this relentless drumbeat of:

        “You must upgrade your OS!

        “You must upgrade your hardware!

        “If you don’t, the Internet Monsters will get you!”

        (signed, Silicon Gulch Oligarchs.)

        …for three decades, and decided all of it is strictly P.T. Barnum.

        Guys and gals, I ran XPSP3 on the net until 2017, and never had an issue.

        End of vendor software support in the form of browsers and email clients is probably going to be the determinant factor for me along with a catastrophic hardware fail, but I’m not going to abandon Win 7 until it’s virtually impossible to continue to do so.

        Good AV, sanitary Net practices, a supported browser and common sense will keep you safe.

        In the meantime, I’ll continue to resist that band of looters in Silicon Gulch who’d just love to Hoover more money out of my pocket.

        Win7 Pro SP1 64-bit, Dell Latitude E6330, Intel CORE i5 "Ivy Bridge", 12GB RAM, Group "0Patch", Multiple Air-Gapped backup drives in different locations. Linux Mint Greenhorn
        --
        "The more kinks you put in the plumbing, the easier it is to stop up the pipes." -Scotty

        6 users thanked author for this post.
        • #2439435

          I totally agree, of course!

          Twice in the last two weeks I have observed a friend’s laptop go into the Windows 10 update screen (“Don’t turn off your PC”) just as he was trying to run an event at our club, rendering the laptop unusable for hours at a time. This business of “active hours”, “pausing updates”, etc. etc., is so unnatural and unintuitive compared to the pre-Win10 model of “update when I tell you to and otherwise leave me the heck alone”. Nobody I personally know (i.e., normal people) seems to have a handle on these rigid, artificial new updating models.

          And that’s when the process actually works as designed. Another friend’s desktop PC has gone into an update/restart loop that she can’t get out of. As soon as the PC boots back up after (supposedly) patching, Windows announces again that it needs to restart to install updates. She’s in about the fifth cycle of this bovine excrement. I told her she can ignore the notices for now, but they keep popping up and interrupting, plus she finds it disconcerting to have those notices pending. Since she needs to get her taxes done, I told her to pause the d*mn updates for a week until we get past the tax deadline and then maybe we can look deeper into it.

          I would wish Windows 10 or 11 on an enemy.

           

          2 users thanked author for this post.
        • #2439696

          As someone once said regarding change:
          “You don’t want to be the first, but you don’t want to be the last, either.”

          On permanent hiatus {with backup and coffee}
          offline▸ Win10Pro 2004.19041.572 x64 i3-3220 RAM8GB HDD Firefox83.0b3 WindowsDefender
          offline▸ Acer TravelMate P215-52 RAM8GB Win11Pro 22H2.22621.1265 x64 i5-10210U SSD Firefox106.0 MicrosoftDefender
          online▸ Win11Pro 22H2.22621.1992 x64 i5-9400 RAM16GB HDD Firefox116.0b3 MicrosoftDefender
    • #2438663

      Now I’m sorry to say that the replacement came with Win 10.  Sigh.

      You can format your PC, install Linux and get $50 from Microsoft for not using Windows.

    • #2438679

      Susan, I just couldn’t help myself replying to your description of UAC in Win 7.  It was Windows Vista that had UAC first and got on people’s nerves so much.  With Vista, UAC was either on or off.  When Win 7 came out the UAC had been toned back with a middle ground setting and it didn’t pop up each and every time.  This was but one thing that made Win 7 so popular.

      Being 20 something in the 70's was more fun than being 70 something in the 20's
      • #2438706

        Charlie wrote: “When Win 7 came out the UAC had been toned back with a middle ground setting and it didn’t pop up each and every time.

        Yes, I remember reading about that, getting disgusted by reading about that, but then found I could run the PC with Win 7 in the same way I always had with their predecessors, because Windows now allowed gaining a sufficiently elevated status as to do anything I needed to do by choosing to “Run as Administrator.” The UAC never got in my way. Maybe others were not so lucky?

        I always thought that this business of the “secret Administrator password”, etc. was because Win 7 was derived from a version, or actually was that version, meant to be used at offices of companies and the government where there were actual network administrators, so MS was just being cheap, or could not care less, and so it was not changing that feature in the Win 7 meant for home and small business users. Was I unjust to MS in thinking so?

        Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

      • #2438743

        IT folks CONSTANTLY moved that zipper down in Windows 7.  Ergo my cartoon.

        Susan Bradley Patch Lady/Prudent patcher

        1 user thanked author for this post.
    • #2438715

      When I got my “new” computer in 2012, I got Win 7 with SP1 (Service Pack 1).  I’m not sure and I’d have to check to see if the UAC taming was done before or after SP1.  I thought it was before.

      Being 20 something in the 70's was more fun than being 70 something in the 20's
    • #2438666

      Windows Xp is still being used in the company I work for. Supplier of programs used on daily uses has not moved to Windows 7 yet.

      • #2438759

        Charlie: “I’m not sure and I’d have to check to see if the UAC taming was done before or after SP1

        SP1 came out in early February of 2011, before I bought, in June, my HP Pavilion laptop with Win 7 installed. Until then I had an IBM/Lenovo running XP. I don’t remember having problems because of UAC then, in fact, I’m pretty sure I didn’t, but that was over ten years ago …  So it might have been fixed with SP1.

        This was written in September of 2012:

        https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd446675(v=ws.10)?redirectedfrom=MSDN

        Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

      • #2439462

        May I ask if your company is using MS Premium Support to keep Windows XP fully updated or are these systems offline?

        If you are using MS Premium Support, are you receiving patches for XP every Patch Tuesday and did you receive any for April?

    • #2438667

      I still run Windows Xp, even posting this from it. Only using agent switchers to trick websites to work.

      Windows 7 computer is sitting without network cable connected. I did not want it to get infected by Windows 10 sypware that MS was forcing. Might have to plug it in one of these days and start using it. My Windows Xp is starting to show it age and might fail at some point. Sad day that will be

      Even my Windows 98 that failed from power supplies was used until 2010. Long after the EOL.

      There are people that are not rich and can not spend money on the brand new item every 6 months it seems now a days. If it works, than keep using it. If it is not broke, no need to replace it.

      2 users thanked author for this post.
      • #2438950

        There is a list of Windows 7 Updates to steer clear of on this AskWoody website to prevent you from getting all the Win 10 nags, etc. which sized up Win 7 computers for Win 10 installation back around 2015.  I’m very thankful to Woody and his crew for posting these at that time and saving me from any headaches in that regard.  Hopefully these updates are still listed in the old archives here on AskWoody.

        If you find them, check your installed updates and see if they’re installed.  If so, uninstall them.

        Edit:  Here’s one – post #46288.  It’s in the Bad Patch List thread.

        Being 20 something in the 70's was more fun than being 70 something in the 20's
        • This reply was modified 1 year, 10 months ago by Charlie.
    • #2438836

      Windows 7 computer is sitting without network cable connected. I did not want it to get infected by Windows 10 sypware that MS was forcing.

      We have at home a ~10 years Windows 7 PC which has been forced into Windows 10. I immediately restored it to Windows 7 and disabled updates.
      The PC is in use online every day for long hours. Not a single virus, malware, crash…running Kaspersky A/V.

      My brother also use ~10 years old (3rd gen Intel i3) Windows 7.
      I block Windows 10 with a block10 app and registered the PC with 0Patch Pro.

      5 users thanked author for this post.
    • #2438868

      Even if you like Windows 7, if your system drive is not an SSD, you should install one.  It is amazing how fast a say 10 year old computer feels with an SSD, and how slow a brand new computer feels without one.  Old computers usually need SATA SSDs instead of NVME ones, check of course.  In the US you can get a 500gb SATA SSD for around $50, the higher quality ones are $70.

      6 users thanked author for this post.
      • #2438983

        I installed a $50 Sandisk 480GB SSD in a 2009 HP Pavilion laptop with 4GB RAM. It had been running Mint 19.2 and did alright with it. Took a couple minutes to boot and maybe 15 seconds to load Firefox. OK for a computer to test updates.

        After I put the SSD in and reinstalled Mint 19.2 to the state it had been in, I booted it up and literally started laughing. The thing just flies on anything that’s disk intensive. The 13 year old RAM is the bottleneck now.

        Get an SSD.

        2 users thanked author for this post.
      • #2438987

        My OCZ Solid SSD is still going strong with Win7, now at circa 8 year old mark 🙂
        Best computer upgrade buy EVER when HDD’s were becoming a throughput bottleneck.
        The only thing I use HDD’s for, are backups (bought external enclosures for redundant system HDD’s)

        Win8.1/R2 Hybrid lives on...
        1 user thanked author for this post.
    • #2438948

      regarding UAC, I still use TweakUAC, even under Win7 when I want UAC enabled but in “silent” or quiet mode (no prompts)

      btw, dragging the UAC slider in Win8, Win10 & greater all the way down just turns off all notifications but UAC is still enabled though silent

      • #2439436

        regarding UAC, I still use TweakUAC, even under Win7 when I want UAC enabled but in “silent” or quiet mode (no prompts)

        I don’t understand how the UAC can be enabled but not prompt you for your approval.  This seems to be defeating its purpose.

        Being 20 something in the 70's was more fun than being 70 something in the 20's
    • #2439108

      As far as I am concerned, I see no reason to abandon Windows 7, especially on the older systems. It still works great on them, and there are no more updates from Microsoft to potentially destabilize the OS, haha.

      Firefox 100 (and above?) requires SHA-2 support in Windows 7 to run? Well, if I have to there is no problem, as the required updates are already present.

      However, I am still using Firefox ESR 78.15.0 (with the latest version of NoScript) as I strongly dislike the “Proton UI” introduced by Mozilla since Firefox 89, especially the large bookmarks spacing, which I find very awkward. It seems to me that in the past few years Mozilla just removes useful features (or hide them) and introduces these unwelcome changes (Example : Save image files in webp rather than JPEG / PNG even though the source file is not webp. I have to install an extension to workaround this unwelcome change.) in Firefox and ignores user feedback.

      I know the spacing can be somewhat reversed by including some code in an userchrome.css file in the profiles folder, but I would never able to figure out the required code on my own, and who knows if Mozilla will remove this capability also in some future update?

      I am increasingly frustrated by the direction Mozilla is going with Firefox, and with NoScript also now available on Chrome, I may have to eventually switch to Chrome. It will be a shame after such a long time using Firefox (from version 1 on Windows 98), but even though I don’t want to switch, I believe I will eventually reach a point of no return with Firefox.

      Hope for the best. Prepare for the worst.

      • This reply was modified 1 year, 10 months ago by James Bond 007. Reason: Addition
      2 users thanked author for this post.
      • #2439465

        Chrome switches to Manifest V3 by January 2023.  I believe some of the more powerful extensions like Noscript will lose some functionality.  https://developer.chrome.com/blog/mv2-transition/

      • #2439536

        I have been using Waterfox, a fork of FF and a member of the Mozilla family, that recently started using the Proton skin, same as FF. That killed its capability to search for words and character strings in online text, a feature that has always been very useful to me.

        I have started using Vivaldi instead, more and more often; it is Chromium based and, so far, it works OK.

        If it works with Win 7 you could give it a try, if you haven’t already, to see how you like it.

         

        Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

      • #2449115

        Good man, staying on the last Flash-supporting version too.
        I too continue to use 78.15
        It works, that’s all I need. Unfortunately it’s not my IDEAL version, as 69 introduced Pocket and messed New Tab/Window/Homepage controls, 71 also messed with about:config
        I have delved into userchrome.css on other devices, mostly using pre-made ones off the net, it makes a big difference and it’s very safe to tweak.
        Still more comfortable with about:config tweaks, of which I have made many even on 78.15
        I don’t understand how every software update seems intent on making UI less dense/compact, and less accessible at the same time. They waste so much real-estate while simultaneously hiding functions behind sub-menus and dropdowns.
        Want to guess how much space my UI takes up? 81 pixels on my 1080p screen. That includes the Menu Bar, which gives me faster access to more features than what’s hidden in the modern “Hamburger” menu. So menu bar+URL+tabs=81 pixels
        I could shrink the URL bar and tabs a little more but this is still way less space than 99% of the default UIs I see these days, which are more like the Ribbons that Microsoft seems to think are good design.

        2 users thanked author for this post.
        • #2449199

          I don’t understand how every software update seems intent on making UI less dense/compact, and less accessible at the same time.

          Yes indeed!  It’s very frustrating.

          Being 20 something in the 70's was more fun than being 70 something in the 20's
          1 user thanked author for this post.
    • #2449278

      I don’t understand how every software update seems intent on making UI less dense/compact, and less accessible at the same time.

      The same goes for web sites that suddenly change appearance…which is very frustrating.

      1 user thanked author for this post.
    Viewing 13 reply threads
    Reply To: Is this the end of the road for Windows 7?

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information: