Numerous popular software products and operating systems have either reached or will soon reach their EOL. The most current example is Windows 7, for which Microsoft ended support on Jan. 14, 2020. This turned out coincidentally to be the same date that Microsoft released an emergency update for Windows 10, an update prompted by information provided to Microsoft by the National Security Agency.
Microsoft had previously explained the dangers of still using the software: “If you continue to use Windows 7 after support has ended, your PC will still work, but it will become more vulnerable to security risks and viruses because you will no longer receive software updates, including security updates, from Microsoft. Microsoft strongly recommends that you move to a new PC running Windows 10 to avoid a situation where you need service or support that is no longer available.” This statement turned out to be remarkably prescient in light of the emergent security update for Windows 10.
In addition to Windows 7, numerous other Microsoft products will end support in 2020, including most of the products included with Microsoft Office 2010 and 2016, such as Outlook, Word and Excel. End-of-life dangers apply not only to Microsoft products but also to numerous software and hardware from other companies. For example, support was scheduled to end on April 7, 2020, for the 2015 standalone/classic versions of Adobe Acrobat DC and on Oct. 1, 2020, for WinZip 21.5. Support has already ended for Windows 10 versions 1703 and 1803. To determine which version of Windows you are running, go to https://support.microsoft.com and type in “Which version of Windows operating system am I running?”
Many users never check to see if they are running unsupported software. But they should, and if they discover they’re using outdated products, they should update or upgrade immediately.
It is critical to note that using a firewall, antivirus software and other security suites does not protect against unpatched or unpatchable dangers and are an invitation to hackers to do their dirty work. Thus, there are many risks of running unsupported software, including the following:
- Security vulnerabilities: Because manufacturers only release security fixes in limited (and always dangerous) situations, EOL products are replete with security hazards.
- Software incompatibility: New software products are designed to work better with newer operating systems and other software.
- By using EOL products, you may not be able to upgrade other software, which can also become security threats.
- Lack of support: If your software is at EOL, there is probably no technical support for it, which means that any questions you have about how to use it will probably not be answered.
- Unanswered questions can lead to mistakes, which can impact security and functionality.
- Compliance issues: If your practice includes working with regulated entities such as health-care providers, who deal with sensitive and confidential information, use of outdated software could expose you and your clients to risks that could endanger their company or lead to fines and other risks.
- Poor quality: The older your hardware and software, the greater the likelihood that these items are no longer under warranty. This leads to a greater likelihood of breakdowns and the increased costs associated with such breakdowns and repairs.
- Slow performance: New software and hardware run more efficiently—that is, faster—than their older counterparts. End users, such as your staff, often do not realize how much time is wasted waiting for programs to load, for websites to appear and other computer actions. Upgrading to new hardware and software can dramatically improve your office’s productivity.
The Center for Internet Security (cisecurity.org), a nonprofit organization devoted to safeguarding private and public organizations from cyber threats, publishes a monthly End-of- Support Software Report List because it recognizes that “the process of finding [EOL] dates and locating all the instances of obsolete products can be a difficult and time-consuming task.”
There are situations when a firm may need to use unsupported or outdated software, but they are generally rare. When confronted by this situation, it is important to balance the benefits of running the software against considerations such as whether there is a newer, and supported, product that meets the firm’s needs. These decisions should be made on a case-by-case basis in consultation with the firm’s IT staff or consultants.
Because most firms do not inventory the software on every user’s computer, it may also be helpful to perform a network inventory. Fortunately, there are many products that can assist. One helpful free product is Spiceworks Inventory, which you can download. The program will automatically inventory all of the PCs, Macs, Windows and Linux servers, switches, etc., on your network, help you track warranties and the age of your system and provide other helpful reports.
In summary, end-of-life hardware and software pose huge risks for law firms. With appropriate planning, you can avoid the dangers of “curdled” software. Difficult or not, getting rid of EOL products should be a priority for every law firm.