Windows 7 and Server 2008 R2 End of Life

This is a reminder that Microsoft has scheduled Windows 7 and Windows Server 2008 R2 SP1 to be end of life as of January 14, 2020.  This means that the last security patches for these operating systems will be available on that date, after which it will be officially unsupported by Microsoft. Check the following links for more information:

Windows 7:
Windows Server 2008 R2:

It is highly recommended that the any workstation still operating with Windows 7 (or earlier) be upgraded to a supported operating system (Windows 8.1 or later).

Similarly, any server still operating with Windows Server 2008 R2 (or earlier) should be upgraded to a supported operating system (Windows Server 2012 or later) or the services that this server provides should be migrated to a server that is running with a supported operating system.  If you need to replace a server running Windows Server 2008 R2 you might want to consider the following:

  • If the only function of this server is to act as a file server, Western cloud storage offered by WTS may be a viable solution.
  • ITS also offers dedicated virtual servers where you can have the same management control you would with a physical server.

More information including costs concerning both of these options can be found within the WTS services document.

The Information Security team recognizes that there will be some servers remaining in service after Microsoft’s end-of-life date for Windows Server 2008 R2.  There are some steps that can be taken to mitigate the risk that is inherent in running an unsupported operating system.  Steps such as the following should be considered.

  1. Isolate the server on a protected network segment
  2. If not already done, assign the server an ip address that is not publicly accessible via the Internet
  3. Review local firewall rules to ensure access is available only to those that require it
  4. Ensure that the applications running on the server have all available security patches applied (eg: Java, adobe products, etc)
  5. Have up-to-date antivirus and anti-malware scanning tools installed
  6. Actively monitor the state of the server to be able to detect unauthorized access
If you have any questions regarding this, please contact the Information Security team via email at

Published on  and maintained in Cascade CMS.