Why are government users most worried about Windows 7?

For Microsoft users, this is a year of saying goodbye to many products. Windows 7 is one of them, and users who keep using the affected Microsoft products will face significant security risks, which can be very serious.

Microsoft therefore recommends that customers still running end-of-service software upgrade to the latest on-premises or cloud version as soon as possible to keep their systems secure. Just before support ended, however, the world's first composite attack to exploit two 0day vulnerabilities simultaneously, one in IE and one in Firefox, emerged. Mozilla has now officially fixed the Firefox vulnerability, but IE is still exposed to the "Double Star" vulnerability threat.

This has also caused a great deal of panic among Windows 7 users, who are not sure whether Win 10 is as secure as Windows 7. How much of a threat do the vulnerabilities pose to individuals and businesses, and how should we respond? What damage might the end of support cause?

Windows 7 support ends; security of government and enterprise organizations is hard to ensure

One of the most important judgments is that the end of Windows 7 support has only a weak impact on individual users; the real impact falls on users in government and enterprise organizations.

On January 18, a special technical forum organized by CCF YOCSEF was held in Beijing. At the meeting, Yan Ming, former director of the First Research Institute and the Third Research Institute of the Ministry of Public Security and former director of the Computer Security Professional Committee of the China Computer Society (CCF); Dr. Zuo Xiaodong, Vice President of the China Information Security Research Institute; Zheng Wenbin, Chief Security Technology Officer of 360; and Cui Guangyao, Vice President of China Information Security Magazine, shared their views on the security risks of the end of Windows 7 support and on ways to resolve the situation.

In Zuo Xiaodong's view, the first point about the end of Windows 7 support is that we must respect the laws of business: this is normal business behavior in a society governed by the rule of law and a market economy. Second, in the face of events like this, the government does play an important role in safeguarding critical information infrastructure, and should also take on the corresponding public service obligations, such as early warning and notification. Finally, attention should go to the practical impact of the end of Windows 7 support on network security, and to Microsoft's judgment of the computer industry that the decision reflects, which could mark a major turning point in the shift of its business focus from the PC to mobile and the cloud ecosystem.

The end of Windows 7 support does have a big impact on older PC users, especially in the industrial control sector. But compared with Win XP, our country is prepared this time, and many departments and fields can find alternatives. On the other hand, nearly 60% of users nationwide still use Windows 7, which could mean two or three billion users and represents a huge business opportunity. China's network security underwent some important changes in 2019, and it can be said that China's network security has entered its second half, Cui Guangyao said.

Yan's opinion is that, first, upgrading to Win 10 is relatively simple for individual users but difficult for government and enterprise organizations, especially in industrial control scenarios; users and government authorities should work together to require Microsoft to provide good service, or to continue providing services in the event of a major security incident.

So the question arises: how can we protect government and enterprises from the threat of vulnerabilities? Perhaps we can find some answers from Zheng Wenbin, Chief Security Technology Officer of 360.

It’s not just a vulnerability threat.

In Zheng's view, 0day vulnerability attacks may be just one of the security threats that Windows 7 users face after support ends. However, the security risks of running Windows 7 unprotected after support ends have already been exposed.

The end of updates for Windows 7 means that Microsoft no longer provides bug fixes or defense-in-depth measures for Windows 7, nor security defenses such as cryptography and ASR, and the risk to users doubles once Microsoft's technical support is lost.

That is to say, 60% of domestic users face the threat of zero-day vulnerabilities and in-the-wild ("ITW") 0days. After support ends, these users can no longer be informed of vulnerability intelligence, and Microsoft itself will soon lose this part of the vulnerability intelligence, so there will be no comprehensive vulnerability assessment and analysis, and no effective protection, repair, or countermeasure programs. More worrying still, APT organizations and the cybercrime underground are also watching the system, obtaining this vulnerability intelligence, and taking the opportunity to launch attacks.

In addition, the main threat today is zero-day vulnerabilities, and the most dangerous are those in the remote attack surface, that is, remote network services. Examples are the "Eternal" series of attacks in 2017 and last year's RDP remote vulnerability, which can lead to worm-level attacks through remote network attacks that need no user interaction.

In the process, the biggest "victims" are browsers and office software. Next come privilege escalation vulnerabilities, which affect the protection provided by security software and security mechanisms.

In addition, from Windows 7 onward there are more applications of virtualization, which means that virtualization also faces a vulnerability threat. The most profound impact comes from in-the-wild vulnerabilities: an in-the-wild vulnerability is one that hackers know about but we do not.

For users, there are only two options:

One is to upgrade to a new operating system, such as Win 10, or to switch to a different operating system, such as an open source or home-grown one.

The second is to continue using Windows 7, but security is not guaranteed. On the one hand, we do not know exactly which vulnerabilities will affect Windows 7. If Win 10 has a similar problem, Microsoft will provide services; if the problem is unique to Windows 7, Microsoft will no longer provide services and will lose information about it. This gives attackers an opening, because at least 60% of users in the country run Windows 7. On the other hand, how to carry out comprehensive vulnerability assessment and threat intelligence analysis is also an important issue, and how to produce effective repair and countermeasure programs is also a difficult point.

The Windows operating system on the government procurement list was Windows 7; the later Win 8, Win 10, and so on were not included, so usage of Windows 7 is still relatively high in the government system.

Upgrading the system may not be the first choice for most governments or businesses; after all, Win 10 is not on the government procurement list. But if they continue to use Windows 7, their application systems are left running with no protection at all.

In this regard, Zheng Wenbin put forward five major response plans: vulnerability patch analysis; vulnerability mitigation technology; operating system/application hardening technology; threat intelligence and micropatch technology; and isolation and virtualization. Of these, the last four have been built into four engines integrated into the Windows 7 Shield recently launched by 360.

Of course, this only deals with the risks after Windows 7 is discontinued, and the priority is to be self-reliant. As several experts mentioned, the end of Windows 7 service brings users security challenges and risks, but it will significantly speed up the development and promotion of China's products with independent intellectual property rights. Is that not a good thing?