/ Technology

Are you ready for the end of Windows 7?

121
Profile photo of Kate Bevan Kate Bevan Editor of Which? Computing
Comments 121

If you’re still using Windows 7, it’s time to take action. Are you planning to upgrade, or will you take another path?

Are you one of the 28% of Windows users who’s still running Windows 7?

If so, it’s time to bite the bullet and make plans to either upgrade your existing computer or treat yourself to a new one. 

That’s because Microsoft will stop supporting Windows 7 on January 14. This means no more new features, and most importantly, no more security updates. 

Moving from Windows 7 to 10: download our guide (.pdf, 3mb)

This doesn’t mean that a Windows 7 PC will suddenly stop working on January 14, but it does mean that it’s increasingly unsafe to use online: regular security updates keep devices safe from online threats.

The risks of unprotected PCs

For anyone tempted to think that they’re not at risk, it’s worth noting that according to the security firm Symantec, one in 10 URLs are malicious, 4,800 websites on average are compromised by having hackers add formjacking code to them each month, while one in 3,207 emails is a phishing attempt.  

it’s clear that having an unprotected PC puts you at risk – and it puts others at risk, too.

A PC that isn’t protected against new and emerging threats risks being co-opted by malware to become part of a botnet that can be used by cyber-criminals to carry out attacks, such as the one that crippled the internet on both sides of the Atlantic in 2016. 

The good news is that even quite old PCs can be upgraded to Windows 10, and we’ve got a guide to the system requirements.

It’s also possible you could still upgrade for free: we tested this method back in September and managed to upgrade a Windows 7 computer without having to pay for a new Windows 10 licence (although we can’t promise it will continue to work).

Yet despite all the warnings from Microsoft, independent security experts and our own Which? Tech Support team, the statistics show that a worryingly high number of people are still using Windows 7.

Even more alarmingly, there are still some out there using Windows XP!

What to do if your PC won’t take an upgrade

If you do want to carry on using it, you could try installing a different operating system if you’re feeling brave…

The most common alternative operating system is Linux, which is free to download, install and use. Because it’s open-source, there are a number of different versions, or ‘distros’, developed and maintained by the enthusiast community. 

One of the most user-friendly distros is called Mint, and there are a number of helpful guides online to get you started with it. Another popular distro is Ubuntu, which is similarly well-supported with online guides.

Alternatively you could re-purpose your Windows 7 PC as a Chromebook by installing Chrome OS.

If you’re determined to keep using Windows 7, you’ll first need to make sure it doesn’t go online again.

Once you’ve taken it offline, you could fill up its hard drive with your videos and use it as a storage device plugged into your TV via an HDMI cable, or you could carry on using it for writing and spreadsheets etc, which will be safe so long as you don’t connect it to the internet.

Moving on from Windows 7

If you’re not going to repurpose your Windows 7 PC as an offline device or with a new operating system, you could consider donating it to charity.

Just going to get rid of it? Make sure you dispose of it sustainably and securely.

Once you’re then ready to buy a new computer, we’ve got up-to-date reviews of laptops and desktops to help you choose. 

If you’re still using a Windows 7 PC, are you planning to upgrade, either to Windows 10 or to a whole new PC?

Or are you thinking of making the jump to a Chromebook or a Mac?

And if you’re planning on holding out and sticking with Windows 7, are you worried about the threat from malware? Let us know what you’re doing in the comments below.

Comments
121
Kevin says:
10 December 2019

Hi Alfa
if you’re using Windows 7 online, you can mitigate your risk by using a non-Microsoft browser – Chrome and Firefox, for instance, will continue to get security updates and will still work on Windows 7 for quite a while after MS drops support for it. Also have a review of any services running on your PC – disable anything that you don’t absolutely need, and review your firewall settings. You should also create a non-privileged account for routine use on the machine.

This isn’t meant as a criticism, and it’s perhaps an extreme scenario, but bear in mind you expose other people to risk (eg Wannacry and the NHS) by using unpatched systems on the Internet.

3
Vote up  |  Vote down   Reply    Report
Share   
Hide replies ∧
duncan lucas says:
10 December 2019

Your point of using a non -privileged account (administrator etc ) is a good point Kevin , Linux does this automatically to limit the attack potential of a hacker .
While its an inconvenience to raise your user account to make changes its a lot more safer than permanent Administrative level. Even so in actuality Windows doesn’t run with a “real” administrative account ,its limited as MS don’t want you making changes to the actual basic operating system unlike Linux where I can easily destroy my distro by removing vital files .
If you look in Windows you will find a long list of those above the “administrative ” level so that remote changes can be done ,Linux has another user “Nobody ” who can make changes but they are limited , I have got to approve twice on any downloaded update along with my password which is a bit safer , I can watch it being downloaded and can stop any programme from being installed or cancel the lot.
Yes FF has plenty of safety features that help with online safety go for that one.

0
Vote up  |  Vote down   Reply    Report
Share   
Nabwich says:
11 December 2019

Kevin makes a good point that the risk from using outdated systems is not just to your computer, but is actually a risk to others. Bad actors out there are not just interested in your data, but also to use the computer – without your knowledge – to implement money making schemes, or as a vehicle to attack other systems. He also rightly advises some extra precautions that should be used as well as the up-to-date, paid for antivirus. Although I fear that the technical aspects of those are already too much for some.

To that advice I will also add that the hardware drivers and any of the application software that is used on the computer are also potential doorways for unwanted entry in to their computers. Those things are often independent of Microsoft and Windows 7 and should be updated to the latest versions that are capable of running on that computer. Secure maintenance of an obsolete system requires active and knowledgeable management. Sticking an antivirus package on and then just carrying on regardless just isn’t good enough.

Lastly, just to point out that there is already at least one active malware program that can totally bypass all antivirus packages on all Windows PCs.

1
Vote up  |  Vote down   Reply    Report
Share   
Hide replies ∧
duncan lucas says:
11 December 2019

Do you mean-CVE-2019-1458 or -CVE-2019-0859 Nabwich ?
This affects Win 10 as well known as”privilege escalation flaw “–
CVE-2019-1458 is what’s known as a “privilege escalation” flaw, meaning an attacker would need to previously have compromised the system using another vulnerability. Handy in that respect is CVE-2019-1468, a similarly widespread critical issue in the Windows font library that could be exploited just by getting the user to visit a hacked or malicious Web site.

I hope nobody still uses Adobe Flash Player –really bad news !

1
Vote up  |  Vote down   Reply    Report
Share   
Nabwich says:
11 December 2019

For example:
https://news.sophos.com/en-us/2019/12/09/snatch-ransomware-reboots-pcs-into-safe-mode-to-bypass-protection/
I suspect that even this require some initial access to the computer, but the point was that the security threats are constantly updating and their mitigation requires knowledge and active management. Beyond the capabilities of most of those who are a happy to add an antivirus and its not their problem any longer. I won’t even start on the necessity for proper backups.

1
Vote up  |  Vote down   Reply    Report
Share   
duncan lucas says:
11 December 2019

Your right Nabwich but that is the problem on Which ? too much technical detail is frowned upon ,so like you I am holding back on a lot .
Its a case of “the public will not understand it ” to me that’s a bit patronising as I treat everybody equally and wouldn’t presume to downgrade their intellectual ability .
The real problem is the public never get know the background of something and don’t always reach the right conclusions and I also know plenty of tech guys who might spend more time here if “a bit of tech” was allowed .

0
Vote up  |  Vote down   Reply    Report
Share   
DerekP says:
11 December 2019

Hi Nabwich. Interesting article but it says “The attackers were foiled in their attempts to infect machines protected by Sophos endpoint products with the ransomware payloads, or to kill the Sophos endpoint protection services and processes on machines that were attacked. But others were not so lucky…”

So although you said “at least one active malware program that can totally bypass all antivirus packages on all Windows PCs.” that’s only true if it gets as far as being allowed to run in normal mode, and then sets up the reboot into safe mode – and Sophos seems able to block that.

0
Vote up  |  Vote down   Reply    Report
Share   
DerekP says:
23 December 2019

YouTube fans might enjoy this video:-https://www.youtube.com/watch?v=AL2llKqJ6oI in which Christopher Barnatt sets out his views on this topic.

0
Vote up  |  Vote down   Reply    Report
Share   
 

Related discussions