Nearly 41 percent of users still run desktop operating systems (OS) that are unsupported or approaching end of support, such as Windows XP or Windows 7, a new survey found.
In addition, 40 percent of very small businesses (VSBs) and 48 percent of small, medium-sized businesses (SMBs) and enterprises still rely on these systems for their security needs, according to a report by Kaspersky.
In most cases, the end of an OS lifecycle means the vendor will issue no further updates, including updates related to cybersecurity. As OSes become outdated, it is common for security researchers or cyber attackers to find previously unknown vulnerabilities within these systems.
Subsequently, these vulnerabilities may be exploited in future cyberattacks, leaving users exposed because they will not receive patches to resolve the issue. To gauge how many of these at-risk systems exist at scale, Kaspersky researchers analyzed the anonymized data of OS use provided by Kaspersky Security Network users.
The results found four out of ten consumers still use obsolete systems, including Windows XP and Vista.
When the WannaCry attack occurred, Microsoft issued an emergency patch in May 2017 to help Windows XP users fix the issue.
Broken down by the specific outdated OS version in use, two percent of consumers and one percent of workstations used by VSBs rely on Windows XP, an OS that has not been supported for over 10 years.
Less than half a percent of consumers (0.3 percent) and VSBs (0.2 percent) still prefer Windows Vista, an OS that has not received mainstream support for seven years. Remarkably, some consumers (1 percent) and businesses (0.6 percent of VSBs and 0.4 percent of SMBs and enterprises) were unaware of the free update to Windows 8.1 and continue to use Windows 8, which has not been supported by Microsoft since January 2016.
For consumers and businesses, Windows 7 is still a popular system of choice; however, extended support for this OS is coming to an end in January 2020. More than a third (38 percent) of consumers and VSBs, and 47 percent of SMBs and enterprises, still run this OS. For small, medium-sized and enterprise business segments, the share of Windows 7 and the newest version, Windows 10 (47 percent of workstations work on this OS), is the same.
“Statistics show that a significant share of users, both individuals and businesses, still use workstations running outdated or approaching end of lifecycle OS,” said Alexey Pankratov, enterprise solutions manager at Kaspersky. “The widespread use of Windows 7 is concerning as there is less than six months to go until this version becomes unsupported. The reasons behind the lag in updating OS vary depending on the software in place, which may be unable to run on the newest OS versions, to economic reasons and even down to comfortability of routinely using the same OS. Nonetheless, an old unpatched OS is a cybersecurity risk and the cost of an incident may be substantially higher than the cost of upgrading. This is why we recommend that customers migrate to supported versions and ensure that additional security tools are in place during the transition period.”