Yesterday, Microsoft officially discontinues updating Windows 7 systems. This means that officially, there will not be any more technical support, software updates and security checks. On the eve of Windows 7 system shutdown, the world’s first attack that simultaneously exploited two 0day vulnerabilities in IE and Firefox browsers appeared. According to the latest news, Firefox has taken care of the 0day vulnerability. However, Internet Explorer is still exposed to the threat of a “double star” vulnerability attack.
In May 2017, after the Win XP system was suspended for three years, the Windows system SMB vulnerability was used to sweep the WannaCry ransomware virus across the world. In May 2019, two years after the outbreak of WannaCry, the Bluekeep high-risk remote vulnerability comparable to “Eternal Blue” once again exposed 4 million hosts worldwide to the vulnerability storm.
As of the end of October 2019, China’s domestic market share of Windows 7 systems still accounts for nearly 60%. The “Double Star” 0day vulnerability is not within the scope of Windows 7 repair. Attackers can rely on this vulnerability to hit all computers using this system. Looking at malicious samples, the attacker uses a malicious webpage combining two 0day vulnerabilities to attack. Whether its the IE browser or Firefox browser, they would be successful. The attacker can implant ransomware and steal sensitive information.
Currently, the latest Firefox browser has a fix for this vulnerability. However, for Internet Explorer users, especially users running Windows 7 systems, there is no solution.
Windows 7 devices should be replaced rather than updated – Microsoft
Microsoft suggests to Windows 7 users that they are better off buying a new PC than upgrading their existing equipment.
For most Windows 7 users, it is recommended to use a new device migrated to Windows 10 Pro. Surface devices are faster, lighter, more powerful and more secure, and their average price is significantly lower than the average price eight years ago.
Microsoft also pointed out that some parts and drivers may not work properly. Thus, it does not recommend an upgrade to Windows 10. The good news is that Windows 10 comes with basic drivers. This means that you may boot into Windows normally. However, you cannot use proprietary hardware or other features, such as an SD card reader or a fingerprint scanner. These features are maintained by the OEM.