Jump to content
exile360

Windows 7 Holdouts

Recommended Posts

I have been seeing a lot of chatter lately, including here on the Malwarebytes forums, from users who have chosen to stick with Windows 7, even after the upcoming End Of Life later this month, and while we don't advise anyone to continue using an unsupported operating system which will no longer be receiving security patches from its developers, it is understandable that many are apprehensive about making the 'upgrade' to Windows 10 (even if it is still free for all Windows 7/8/8.1 users even now).

Microsoft has drawn numerous lines in the sand and have done just about everything possible to push, or even try to force everyone to abandon Windows 7 and Windows 8/8.1 and install Windows 10, including pushing it through Windows Update as an automatic update (an unprecedented event that many speculate was a desperate move on their part to try and meet their 1 billion devices in 3 years goal that they set for themselves (which they failed to meet by the way, as Windows 10 only recently overtook Windows 7 just last year; likely due in large part to the fact that most of the latest hardware/chipsets don't support Windows 7, primarily thanks to Microsoft as they convinced AMD and Intel not to issue drivers for Windows 7 for their latest chipsets/devices, even though it would be trivial for them to do so as there is virtually no difference between the basic hardware APIs used by drivers in Windows 7 and Windows 8/8.1 and Windows 10 with the only major exception being DirectX 12 support, and even that is debatable, and in fact thanks to pressure from many businesses and OEM's, Intel has in fact provided drivers for Windows 7 for everything up to their Z370 chipset (which supports their current latest generation Coffee Lake Refresh 9xxx series CPUs, including their powerful 8 core 16 thread 9900K and all of its variants) including USB 3.0/3.1 support and full PCIe M.2 NVMe SSD drive support; capabilities many claimed would be 'impossible' for the aging Windows 7 OS (my current system uses USB 3.0 and 3.1 and runs on an NVMe PCIe SSD and I'm using Windows 7 x64, just FYI) so for determined enthusiasts and business customers, Intel has provided a means to continue using Windows 7 even when upgrading to the latest hardware (though support ends with the Z370 chipset, as the newer Z390 chipset is most definitely NOT supported under Windows 7 though some claim to have successfully modded their drivers to successfully get the OS installed and working on such systems, as have many AMD Ryzen users, so Microsoft hasn't been quite as successful in their efforts as they would like).

Obviously I'm a Windows 7 enthusiast, however there is a rather large, scary elephant in the room that must be addressed, and it is the purpose of this very forum and company, namely, SECURITY.  The fact of the matter is, no matter how hard we might try, new vulnerabilities will inevitably be discovered in the aging operating system that Microsoft will never patch, and while I and many others like me are confident that we can secure the OS through extreme measures through the disabling/crippling of 'features' which would normally be prime targets for exploitation by malware and hackers (such as anything having to do with shared networking and remote access; which incidentally rendered my system immune to the EternalBlue exploit that was used to spread the WannaCry ransomware so successfully to millions worldwide; one of the worst cyber-attacks on record), many simply are not educated enough about the inner workings of Windows to do this (and unfortunately I know of no 'tools' to make the job any easier; I have my own procedures, scripts and custom registry files that I created and use for this purpose, and no I cannot share them with anyone, sorry; I won't be responsible for anyone accidentally bricking their systems because my very custom scripts failed to work properly on their systems).

With that said, there are things that anyone who is serious about sticking with Windows 7 at this point can do to better their odds of staying free of malware and secure from hackers and as of yet undiscovered 0-day exploits which Microsoft will likely never patch, and it starts with being cautious online.  The usual advice applies about 'practicing safe hex' by not downloading every 'free' thing on the internet, staying away from shady sites, being conservative about the use of social media (in particular NOT clicking on every link/video/image/article in your social media feeds, regardless of the source), not downloading unknown attachments in emails, and of course using a secure, up to date web browser with good security add-ons/extensions, a good ad blocker, and keeping good, up to date security software installed which includes real-time protection to guard against the latest threats, especially exploits, Trojans and ransomware, as these are by far the greatest risks to PCs right now, including and especially Windows 7 once it reaches end of life.  Thankfully Malwarebytes has made their position clear on this matter and have chosen to stick by users who continue to run Windows 7 per their own FAQ which states: 

"Additionally, as Microsoft has announced its Support for Windows 7 will be ending Jan 2020, we are frequently asked about Malwarebytes supporting Windows 7.

Even though Malwarebytes does not recommend running operating systems that Microsoft no longer supports, we have no current plans of ending, or phasing out our support for Windows 7. This means that until further notice we will continue to support Windows 7 as we have up to this point.

For further details, please view the official Malwarebytes Lifecycle Policy:"  

https://www.malwarebytes.com/support/lifecycle/

This is good news for anyone choosing to stick with Windows 7 as the behavior based 0-day protection provided by Malwarebytes Premium, in particular the excellent Exploit Protection, recently added Ransomware Protection, not to mention the world-class Trojan and general malware detection capabilities that Malwarebytes has always been known for (which have only gotten better over time, especially in recent years with spectacular advancements in the technologies in Malwarebytes) should give Windows 7 users a much better chance of surviving past the EOL date, especially when paired with a good AV such as Microsoft Security Essentials (which Microsoft still plans to support signature updates for on Windows 7, at least for the time being) as well as products from other vendors like Avast, Avira, AVG, Bitdefender and many others.  Normally Malwarebytes Premium alone would be enough, however given the circumstances I would definitely recommend anyone considering staying on Windows 7 past this January consider selecting a good antivirus to run alongside it just for that added layer of security just in case.

I also highly recommend that everyone (not just lingering Windows 7 users like me) install Malwarebytes Browser Guard which is available for Google Chrome (and most other Chromium based browsers, including my personal browser of choice, SRWare Iron, along with Vivaldi and even Microsoft's own Chromium based Edge browser) as well as Mozilla Firefox.  It is free and works well alongside Malwarebytes Premium to help make surfing the web much safer.

There is a lot to consider with regards to Windows 10 as things are very different now since Microsoft has changed directions to attempt to survive and thrive in an ever changing technology industry; where once their main competition was Apple, it is now Google, and where once it was enough for them to have a 90% market share on all desktop and laptop computers and sell Microsoft Office to everyone, they now seek customer data and telemetry and try to provide software as a service, rather than strictly a developer/seller of software.  These changes have given many users pause with regards to how they choose to upgrade their systems.  I used to be the type of enthusiast user on the cutting edge of technology, always seeking out the latest and greatest, eager to see what Microsoft is working on behind the scenes and ready to install the latest alpha/beta of any upcoming OS they are preparing to launch (I was in on the Vista beta/RC programs and moved to 64 bit as soon as it became available, abandoning XP as my primary OS well before Vista was even officially released back when it was still known as Windows Longhorn).  I was always excited to see how they were going to change the look and feel of Windows and how they would leverage the latest technological advancements in hardware and software to deliver a fresh experience.  I fell in love with Aero Glass, was always enthused about their latest DirectX APIs, and always touted the advancements in security that they made with each OS release (in fact, I was one of the few who actually liked User Account Control in Vista and was somewhat disappointed seeing it get dialed back in Windows 7 and later Windows versions, though I do understand why some get annoyed with it).  I dug into the new Windows Firewall with Advanced Security and to this day continue to lock down my system through custom rules to plug holes and ports that I know I will never use for services like remote access, file and printer sharing, and network discovery; things I could never fully accomplish in XP without a third party firewall.

The point of all this is that I am not telling anyone that they should stay on Windows 7, quite the opposite.  However, if you're like me and simply cannot stomach Windows 10 and Microsoft's current policies of treating users and their privacy like a commodity for their own exploitation, then there are options, thanks in part to security vendors like Malwarebytes.

Eventually we may all have to bite the bullet and use Windows 10, or even switch to Linux, but for some of us that day has not yet come.

Stay safe out there.

Share this post


Link to post
Share on other sites

A big big ask of users to stay away from social media and the urge to check links.. An addiction which will be very difficult to curb or control.. So, better to be wise than sorry. telemetry is no doubt a concern. There will always be hidden agenda / user policy which will keep mining data w/o user's knowledge.. Being practical than being paranoid and losing peace of mind. Security tools themselves do mine data (whatever the reasons valid it may be) than why blame MS alone? 

Share this post


Link to post
Share on other sites

I don't blame MS alone, however the extent of their mining crosses the line far beyond typical application usage and even browsing data into logging instant messages, emails, logging keystrokes, installed applications, application usage, web searches, filesystem searches, information about files stored on the PC (including personal files and documents; a major concern for those in the business world) and far more.  It crosses the line far into what would normally be considered malware territory.

Google is just as bad, and that's why I refuse to use their browser or search services, because I value my privacy.

Regarding social media, the fact of the matter is, it is one of the primary means of spreading malware and executing scams.  Users will do what they will, however they need to at least be aware of the risks involved in their activities.  They need to be careful about the files they download and the links they click.  If they aren't responsible enough to do that, no amount of security tools, browser add-ons and security measures can protect them, because there isn't a product made that can protect users from themselves.  Only awareness, knowledge and caution can do that, which is one of the reasons these forums and places like it exist for that very purpose.  The same is true for the Malwarebytes Labs Blog as well as the Cybersecurity basics learning center.

Addictions can be dangerous, and difficult to stop or control, however it is possible to do better.  Just ask the countless people who have stopped smoking over the past few decades.  I can't count myself among them because I still enjoy smoking even knowing the risks and damage to my health, and as with those who continue to take risks online, I am taking my fate into my own hands when I do so, however just as I am aware of the risks inherent in smoking, they too should be aware of the risks posed by using social media, both to their security and their privacy, particularly since many people tend to share far too much personal info and day to day details about their lives there.  It is a robber's paradise for anyone looking to execute any sort of social engineering scam or even physical robbery (since many people post about when they will be on vacation/out of town/at work/at school etc.) so it eliminates the need for criminals to case their potential victims as they normally would.  They can just check their Facebook and Twitter status.  A lot of people don't think about such things, but you can bet that the criminals do.

Share this post


Link to post
Share on other sites

If there is so much to compromise with MS than open source options are the better bets, instead of losing peace of mind and getting paranoid with MS. Agreed, you cam't do everything going to open source which is not fully compatible for Gamers etc. Want the best of both, than go for MS for Gaming alone and and switch to open source for other general works (either with separate dedicated systems or with Multiboot..

Edited by sman

Share this post


Link to post
Share on other sites

We've already had this conversation (multiple times in fact); Windows 7 suits my needs, Linux currently does not, and I absolutely will not under any circumstances use Windows 10, period, so that's where I'm at.  I can secure it, I assure you.  I just can't guarantee that for anyone else because I do not share my custom tools and methods since they are not for those who don't know what they are doing.

Share this post


Link to post
Share on other sites

My suggestion is for Windows lovers to go for dedicated / multiboot systems, to get the best of both and yes, you have made clear that you're sticking to Win 7 with your own tools & protection. And my suggestion is for Windows lovers in general.

Share this post


Link to post
Share on other sites

I Recall the same hype about security issues when XP reached EOL.

It will all come out in the wash as everyday users replace their old computers, and fans who stick with Win7 will know what they are doing. It's business and (quasi) government organisations that will be taking chances.

The big problem that hit XP was wannacry, where big organisations (like the NHS in the UK) had stuck their head in the sand about the cost of updating to Win7, nevermind 8, 8.1, or 10. It cost them a damn site more when they got compromised. (And many parts of the NHS still haven't upgraded from XP yet).

Share this post


Link to post
Share on other sites
2 minutes ago, nukecad said:

It's business and (quasi) government organisations that will be taking chances.

Yes, that does concern me greatly.  I can't tell you how many times I've seen businesses still running Windows XP or even Windows 2000.  It's insane, and these are the people trying to harvest the same kind of data as Microsoft and Google, not to mention that many are businesses of commerce which we give our payment details to and often other personal information like social security numbers, dates of birth and more.  It is no wonder that data breaches have become so common.  Of course data breaches are one of the big reasons I don't like companies like Microsoft harvesting so much data in the first place, because even if they are trustworthy and only using the data anonymously to make their software better, what happens when someone invariably leaks customer data or infiltrates one of their cloud data stores or one of those belonging to one of their partners who might not have the same policies with regards to security and patching as Microsoft does?

In my opinion the solution isn't new software, or even patches; it is for businesses to finally get the point that collecting all of this data is wrong and far too risky, regardless of the potential gains and their declarative purpose of 'data-driven, customer-centric development'; the fact of the matter is, when it comes to innovations and new products and trends, nobody sees them coming until they're already here, and they do not generally come from existing trends in the marketplace and user data/feedback; the most successful trends and products, at least in recent history, are almost always those that the customer didn't even realize they wanted/needed until someone showed it to them.  The iPod is a great example, as is the iPhone.  Even the original Nintendo, which the entire industry was screaming should have been a total failure due to the then recent 'home video game crash' that hit earlier vendors like Atari, yet look at these products and companies now.

Malwarebytes itself is such a success story.  While it did come from a need in the market (because the big AV vendors were dropping the ball and Marcin and co saw opportunities in using new heuristics techniques that pretty much no one at the time was employing in their products), most users were content with their single AV or Internet Security suite, and maybe a secondary 'anti-spyware' program.  However word traveled fast once people started using Malwarebytes against the nastiest threats on the net and learning just how powerful and useful it was.

Share this post


Link to post
Share on other sites

I just checked the current Steam stats and found something quite interesting:

OS.thumb.png.efeeb9f1731c1d085a90a31e26bd3d1a.png

The top OS is still Windows 10, however if you look at the percentage of change, it shows that Windows 10 is on a downward trend for some reason.  More people switching to Linux perhaps?  Let's see; I clicked the 'OS Version' entry to get more details and this is what I found:

1033910408_Hereswhy.thumb.png.a4fb511b443dfd230bbc679471cd8e8d.png

So it seems that while Windows 10 is down for the month by approximately 13%, Windows 7 x64 is UP in usage by around 14.5%.  Why that is I have no idea, but I would speculate that with the end of support date approaching, more gamers and tech oriented users are investigating the possibilities with regards to getting Windows 7 to run on modern hardware and are discovering the Intel/Ryzen loopholes that I've mentioned previously.  Either that, or there are a LOT of really old systems being bought on ebay that have Windows 7 or something (a possibility, but I doubt it).  As for the reason, I can only speculate, however I have seen tons of benchmarks showing that many major game titles not only run better under Windows 7 compared to Windows 10, but they actually give higher framerates on the same hardware when run in DX11 mode compared to the more 'advanced' DX12 or Vulkan (likely due to the fact that most modern GPUs are better at rendering DX11 vs DX12/Vulkan because they are stronger at rasterization than they are at compute (the exception being GCN based AMD cards like the Polaris based RX series and Vega series GPUs which are a minority in the market compared to 10 series NVIDIA cards; the modern 20 series Turing GPUs from NVIDIA are better at compute than Pascal and Maxwell were (the 10 series and 9 series), however they are still quite expensive (I would argue overpriced) and not nearly as common; basically the Geforce 10 series are the 'ultimate' DX11 GPUs, so going to Windows 10/DX12 doesn't really net any gains in performance).

Of course it could be an anomaly and next month the numbers could shift dramatically as the EOL day comes and more users obey Microsoft and migrate to Windows 10, however it is odd that 7 shows such a spike in usage for December.  A 15+% jump is no small thing.  It might also be esports gamers in China, as I noticed the most common language is Simplified Chinese, and they have many e-cafes where they have systems set up for gamers to go online and play.  If they are all running Windows 7 and many more were set up recently, that could account for the numbers, but it would have to be a large chain of cafes/large number of systems to account for a spike like that.

Edited by exile360

Share this post


Link to post
Share on other sites

Maybe the Win 10 gamers are digging their old Win7 kit out to check if it's still running prior to EOL?
Or it maybe the hype over Win7 EOL is reminding people that they still have Win 7 kit that can be used for gaming?
Users getting new PC's for Black Friday and giving their old kit to the kids to play games on?

Who can tell?

Share this post


Link to post
Share on other sites

Yeah, it's an odd case to be sure.  Whatever the reason, I'm sure Microsoft isn't too happy about it :P 

For those of us still staying on Windows 7 after the EOL date, I do have some good news.  I checked on NVIDIA's site and discovered that the driver packages for Windows 7 x64 for their desktop 20 series GPUs are identical to the driver packages for their 10 series mobile GPUs, meaning that (even though they don't provide a package officially for it) you can actually use 20 series mobile GPUs in Windows 7.  This is good news for me as the laptop I recently ordered has a GTX 1080, but is upgradable all the way to an RTX 2080.

Share this post


Link to post
Share on other sites

Maybe not the best place to post this. I have killed off the daily full-screen nag from M$ to inform me that W7 is now no more. Fixed it by cancelling the EOS tasks in Task Scheduler. 

Share this post


Link to post
Share on other sites

Yeah, I did the same.  I removed all those scheduled tasks for EOL that shipped with some of their recent updates.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.