Information Security

Windows Server 2003 End of Life

This is a reminder that Microsoft has scheduled Windows Server 2003 to be end of life as of July 14, 2015.  This means that the last security patches for the operating system will be available on that date, after which it will officially unsupported by Microsoft. Check this link for more information:

It is highly recommended that the any servers still operating with Windows Server 2003 be upgraded to a supported operating system (Windows 2008 Server or later) or that the services that this server provides be migrated to a server that is running with a supported operating system.  If you need to replace a server running Windows Server 2003 you might want to consider the following:

More information including costs concerning both of these options can be found within the ITS services document at

The Information Security team recognizes that there will be some servers remaining in service after Microsoft’s end-of-life date for Windows Server 2003.  There are some steps that can be taken to mitigate the risk that is inherent in running an unsupported operating system.  Steps such as the following should be considered.

  1. Isolate the server on a protected network segment
  2. If not already done, assign the server an ip address that is not publicly accessible via the Internet
  3. Review local firewall rules to ensure access is available only to those that require it
  4. Ensure that the applications running on the server have all available security patches applied (eg: Java, adobe products, etc)
  5. Have up-to-date antivirus and anti-malware scanning tools installed
  6. Actively monitor the state of the server to be able to detect unauthorized access
If you have any questions regarding this, please contact the Information Security team via email at

Last updated on and Powered by Cascade Server