Last summer, Microsoft upset some computer hobbyists and die-hard fans of Windows 7 and 8, when they made the decision not to support those older operating systems on Intel’s and AMD’s new processors. This means if you want to build or buy a PC that has a Kaby Lake or Bristol Ridge CPU (or later), or if you want to upgrade your current hardware to get the processing power of the new chips, Microsoft says you need to upgrade your OS to Windows 10.

From Microsoft’s point of view, it makes sense. The older operating systems aren’t able to take advantage of all the features of the new hardware, and in general, users benefit from the better performance and stronger security of Windows 10. Unlike Windows 8 – which was reminiscent of Windows Vista in the amount of user frustration and dislike it inspired – Windows 10 has been well-received by most users once they become familiar with the interface.

Windows 10 is a much more futuristic operating system, and if you want or need to use a digital pen for drawing/handwriting, or the voice-controlled personal assistance of Cortana, it’s your logical choice. It also works beautifully with touch screens, without leaving traditional keyboard-and-mouse users in the lurch as Windows 8 did.

However, with Windows 10 Microsoft made a break with the past by abandoning some key features that, although used by a minority of their customers, are considered important or essential by those who do use them. Desktop gadgets and especially Windows Media Center are still beloved by many people and although there are ways to get similar functionality in Win10, it’s not easy nor as satisfying. I like live tiles, but they are in no way a replacement for the couple of great gadgets that I had been relying on for years. Luckily it is possible bring gadgets back to life via a third party program called 8GadgetPack, but you’d better have your gadgets’ installation files saved, because you’ll have a tough time finding them now.

The dropping of WMC is a much bigger issue. I love Windows 10 and we’ve upgraded almost every computer in our house to the new OS – except our media room PC. The sole reason it’s still running Windows 8.1 is Windows Media Center. We’ve been using it since XP Media Center Edition to record and timeshift TV shows, and we have a somewhat elaborate setup that utilizes Silicon Dust’s HD Homerun. We dread the day when the Windows 8.1 computer that’s hooked up to our 70 inch HDTV dies, and we have to replace WMC with an alternative such as Kodi or MediaPortal – which, no matter how good they might be, will involve a learning curve.

So there are those of us who have good reasons to keep using an older operating system, and there are also those who just don’t like change, don’t like the new interface, and don’t want to give up the familiarity of Windows 7, which was one of Microsoft’s most popular operating systems. Neither of those groups was happy to hear about the processor support policy last year, but at that time it wasn’t clear exactly how that policy would work. Would you be unable to install Windows 7 and 8 on a computer with a new processor, or would it just be “not officially supported?”

Now we know, thanks to a recently released document on the Microsoft support site.  The good news (sort of) is that you can install your old favorite on at least some of the new PCs. The bad news is that doing so will put you at risk of attacks that exploit software vulnerabilities. When you scan for updates or download them via Windows Update, you’ll get an Unsupported Hardware error message that says “Your PC uses a processor that isn’t supported on this version of Windows” and/or an error message that says “Windows could not search for new updates.”

Well, that’s not good. Not surprising, but not good. In fact, since the older operating systems already have less inherent security, the lack of patches delivers a bit of a double whammy. While Microsoft isn’t overtly blocking you from installing Windows 7 or 8 on your new or upgraded computer, it’s essentially making it a risky and undesirable thing to do.

According to security company Avecto’s 2016 report analyzing the year’s security bulletins released by Microsoft, there were more than 500 vulnerabilities patched last year, with 189 of them rated critical. While not all of these applied to Windows 7 and 8, many of them did. The inability to patch those operating systems would expose users to many of the most common threats, such as remote code execution, elevation of privilege, denial of service, and more.  Most attacks are based on exploits of known vulnerabilities, and often attackers create their malware by reverse engineering released patches to design an exploit – then target all those systems that, for whatever reason, remain unpatched.

Keeping systems updated with security fixes is one of the most important aspects of any IT security strategy, for both businesses and individuals. An operating system that can’t be patched is an OS at risk – and one that puts the rest of the network at risk, as well. Thus Microsoft’s decision to enforce the policy in this way has led to quite a bit of criticism. With Windows 7 in extended support until 2020 and Windows 8.1 still in mainstream support, many expected the company to continue with security fixes only (no performance and feature updates) during that time, despite the previous announcements that only Windows 10 would officially support new processors.

Note that according to reports, March Patch Tuesday security updates seem to download and install on Windows 7 running on Kaby Lake systems, indicating that the policy enforcement hasn’t yet taken effect. We have no official word from Microsoft as to when (or even if) it will. Given that they originally intended to apply the policy to the Skylake processors but then listened to customers and relented, there is always the possibility that the same thing will happen here – but don’t count on it. At some point, backward compatibility always gives way to the need (both practical and business) to push customers to the latest platform. The many folks who moved reluctantly from Windows XP to Windows 7 may soon find themselves once again forced to upgrade, if they want to use the latest and greatest hardware.

Don’t forget that if you need any help detecting volnerabilties on your network, GFI LanGuard can help. Try GFI LanGuard, for free, for 30 days. 


Get your free 30-day GFI LanGuard trial

Get immediate results. Identify where you’re vulnerable with your first scan on your first day of a 30-day trial. Take the necessary steps to fix all issues.