Earlier this month, the FBI sent out a warning to U.S. private sector partners about the Windows 7 operating system. Their official warning addressed the dangers of continuing to use Windows 7 after it reached its end-of-life (EOL).
Continuing to use Windows 7 after it has reached EOL status poses a serious security risk. Because the operating system no longer receives security updates, every newly discovered vulnerability remains unpatched, and the system grows more exposed over time. This makes Windows 7 a prime target for cyber criminals, as it can provide a foothold into an organization's computer systems.
The FBI is strongly encouraging companies to update their workstations by using newer versions of the Windows operating system.
Migrating to a new system can, of course, present challenges for companies, including the financial burden of purchasing new hardware or updating the software currently in use. The Bureau, however, points out that the threat of losing intellectual property should be a greater concern to organizations.
The Bureau cited the Windows XP problem that recently affected the healthcare industry: increased compromises were observed when an operating system that had reached EOL status continued to be used. The Windows XP EOL was announced in April of 2014, and the following year the healthcare industry experienced a large increase in exposed records.
Windows 7 vulnerabilities that were exploited
Additionally, the FBI’s Private Industry Notification (PIN) mentions other Windows 7 vulnerabilities that have been exploited in recent years.
Cybercriminals were able to exploit a vulnerability known as BlueKeep, which allowed them to break into Windows 7 devices with their Remote Desktop Protocol (RDP) endpoint enabled. LIFARS also exploits this vulnerability during its Red Teaming engagements. To find out how this vulnerability can be used to gain access to information systems, read our Case Study.
The agency also mentions the EternalBlue exploit used by the WannaCry ransomware in 2014. Microsoft had provided a patch for this vulnerability, but it was not effective in stopping the attacks because Windows 7 users had not updated their systems in time.
The FBI proposes the following recommendations in addition to upgrading systems:
- Ensure your anti-virus, spam filters, and firewalls are up to date, properly configured, and secure.
- Audit network configurations and isolate computer systems that cannot be updated.
- Audit your network for systems using RDP, close unused RDP ports, apply two-factor authentication wherever possible, and log RDP login attempts.
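The following script is an added example, not part of the FBI notification or of LIFARS' tooling, showing what the last two recommendations look like in practice: it triages a host inventory for EOL systems that still expose RDP, and it summarizes RDP logon attempts per source address to surface brute-force activity and RDP sessions arriving from outside the internal ranges. The inventory, the logon records, the internal network list and the failure threshold are all constructed assumptions; the record fields mimic the Windows Security log events 4624 (successful logon) and 4625 (failed logon) with LogonType 10 (RemoteInteractive, i.e. RDP) as they might be exported to CSV.

```python
"""Triage of a host inventory and of RDP logon events (added example).

Assumptions (not from the FBI notification or this post):
- the inventory CSV has the columns host, os, rdp_enabled
- the event CSV carries the Windows Security log fields EventID, LogonType,
  IpAddress and TargetUserName; 4624 = success, 4625 = failure, LogonType 10 = RDP
- INTERNAL_NETS and FAILURE_THRESHOLD are site-specific tuning values
"""
import csv
import io
import ipaddress
from collections import defaultdict

# Constructed inventory; these are not real hosts.
INVENTORY_CSV = """host,os,rdp_enabled
WS-ACCT-01,Windows 7,yes
WS-ACCT-02,Windows 10,yes
SRV-LAB-03,Windows 7,no
WS-HR-04,Windows 10,no
"""

# Constructed logon records in the shape of exported Security log events.
EVENTS_CSV = """EventID,LogonType,IpAddress,TargetUserName,TimeCreated
4625,10,203.0.113.5,administrator,2020-08-03T02:14:01
4625,10,203.0.113.5,admin,2020-08-03T02:14:03
4625,10,203.0.113.5,backup,2020-08-03T02:14:05
4625,10,203.0.113.5,sqlservice,2020-08-03T02:14:07
4625,10,203.0.113.5,jdoe,2020-08-03T02:14:09
4624,10,203.0.113.5,jdoe,2020-08-03T02:14:12
4624,10,10.0.0.23,jdoe,2020-08-03T08:01:40
4625,3,10.0.0.40,svc_backup,2020-08-03T08:05:00
4624,2,10.0.0.23,jdoe,2020-08-03T08:10:00
"""

EOL_OS = {"Windows 7", "Windows XP"}          # operating systems past end-of-life
RDP_LOGON_TYPE = "10"                         # RemoteInteractive logons only
FAILURE_THRESHOLD = 5                         # assumed brute-force cut-off
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8"),
                 ipaddress.ip_network("192.168.0.0/16")]   # assumed internal ranges


def load_inventory(text=INVENTORY_CSV):
    return list(csv.DictReader(io.StringIO(text)))


def classify_hosts(inventory):
    """Bucket hosts by the action the recommendations call for."""
    out = {"isolate_and_close_rdp": [], "isolate": [], "no_action": []}
    for h in inventory:
        eol = h["os"] in EOL_OS
        rdp = h["rdp_enabled"].strip().lower() == "yes"
        if eol and rdp:
            # An EOL system reachable over RDP is the worst case: BlueKeep-class
            # bugs will never be patched there, so RDP must go and the host isolated.
            out["isolate_and_close_rdp"].append(h["host"])
        elif eol:
            out["isolate"].append(h["host"])
        else:
            out["no_action"].append(h["host"])
    return out


def rdp_logon_summary(text=EVENTS_CSV):
    """Per source IP: failed and successful RDP logons and the usernames tried."""
    stats = defaultdict(lambda: {"failed": 0, "succeeded": 0, "users": set()})
    for row in csv.DictReader(io.StringIO(text)):
        if row["LogonType"] != RDP_LOGON_TYPE:
            continue                          # network/interactive logons are out of scope
        s = stats[row["IpAddress"]]
        s["users"].add(row["TargetUserName"])
        if row["EventID"] == "4625":
            s["failed"] += 1
        elif row["EventID"] == "4624":
            s["succeeded"] += 1
    return dict(stats)


def flag_brute_force(stats, threshold=FAILURE_THRESHOLD):
    """Sources with at least `threshold` failed RDP logons and a later success."""
    return sorted(ip for ip, s in stats.items()
                  if s["failed"] >= threshold and s["succeeded"] > 0)


def external_rdp_sources(stats):
    """RDP logon sources outside the internal ranges: RDP should not face the internet."""
    def is_internal(ip):
        addr = ipaddress.ip_address(ip)
        return any(addr in net for net in INTERNAL_NETS)
    return sorted(ip for ip in stats if not is_internal(ip))


if __name__ == "__main__":
    for bucket, hosts in classify_hosts(load_inventory()).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
    stats = rdp_logon_summary()
    for ip, s in stats.items():
        print(f"{ip}: {s['failed']} failed, {s['succeeded']} ok, users tried: {sorted(s['users'])}")
    print("brute-force candidates:", flag_brute_force(stats))
    print("external RDP sources:", external_rdp_sources(stats))
```

In a real deployment the two CSVs would come from the asset inventory and from a Security log export (for example Get-WinEvent filtered on IDs 4624 and 4625); the logic that matters is the same: any EOL host still answering on RDP is the first thing to isolate, and a run of failed RemoteInteractive logons followed by a success from one source is the pattern to alert on.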