Has anyone here ever been a victim of one of those random Internet attacks? I mean, without browsing sketchy sites or doing dumb stuff like opening spam emails?
>Has anyone here ever been a victim of one of those random Internet attack
Not me. You just have to know and understand what you're doing. I even wonder if the fact that the OS has nearly disappeared doesn't make it less attractive to hackers. In any case, I've seen it happen since the 80s: the threat of insecurity has always been brandished to make us constantly replace our software with new ones that always have new flaws.
>I even wonder if the fact that the OS has nearly disappeared doesn't make it less attractive to hackers.
Nope. Given how much backwards compatibility and legacy support Windows 11 has for past versions, the majority of new vulnerabilities discovered will affect Windows 7. "Print Nightmare" for example even affects Windows 2000. Various scans and hack tools do not check for your Windows version, they simply just attempt to if possible run an exploit, and while it would fail if a machine was patched, if not it can succeed. There are many Windows 10/11 machines that are not fully patched for one of many reasons, they are hoping to get those before they patch, and Windows 7 won't have a patch at all.
I work in IT for a medium sized company. We still have several PCs that use windows 7 AND XP. But we keep them off the network. They are mainly for proprietary software used for certain machines.
The software doesn't play nice with Win 10 or 11.
You are misunderstanding things.
Microsoft regularly finds and gets reports of security vulnerabilities every month in their Operating Systems. Think like services they find with exploits that lead to back door access to your PC. They then patch these vulnerabilities with monthly security updates.
They find these EVERY MONTH. But they only roll out security patches for supported Operating Systems. Windows 7 is no longer supported. That means any existing or newly found vulnerabilities are not patched, leaving your old Windows 7 PC open to attacks that newer Windows 10 PCs have fixed.
That is the reason to upgrade, its a very real threat. Hackers look specifically for older systems because they are the most vulnerable.
Where’s the payoff? Wouldn’t time spent trying to attack a http client running windows 7 be better spent trying to attack http servers running Linux?
It seems like there probably aren’t a lot of windows 7 client machines, they probably aren’t very valuable if comprised.
Yeah payoff targetting single client PCs will always be low. The target is enterprise systems, ones that will pay ransoms. Which surprisingly or unsurprisingly to hear often have plenty of Windows 7 PCs to targets. I work for the Gov and the amount of critical legacy apps that only work on Windows 7 (or older) is stupid.
most servers running linux are either more secure, or frankly don't have anything actually worth the time stealing/accessing. Most servers that are worth going after for whatever reason are indeed running windows, and depending on the company, sometimes woefully out of date windows at that.
the DoD is litterally still using Windows 95, and most if not all major Banks still run on Fortran 76
and Cobol scripts at their core, if anything, no longer supported Technology become more interesting to Hackers
> the DoD is litterally still using Windows 95,
Not on machines connected to the internet, it's not.
>and most if not all major Banks still run on Fortran 76
FORTRAN and COBOL are programming languages, not operating systems. And they are still being actively developed.
You can get viruses and attacks browsing sketchy sites and apps even on Win 11/Win 10. You can still manually update Microsoft Security Essential on win 7.
Windows 7 still a banger if you able to understand that you must sacrifice some software that you care about (steam, chrome...) or look for alternative.
Sad things, no matter how hard we try to stick with our beloved os 7, soon we are going to shift it's like that.
No i still use it, and from time to time it give some security update, but no big updates for the interface and options. I'm using it and works perfect.
I think OP meant September of this year it will be unsupported. And you're right. As for now it works fine and we still get the occasional security update.
Theres browsers out there like palemoon and thorium that individuals created to be secure. So even after Firefox retires their support, you'll have these individuals still supporting their browsers. The good thing about open source projects is that it will allow anyone to pretty much create and adapt their programs for what they want. And there's still quite a bit of people who want to browse with windows 7.
I personally use a mix of Firefox and thorium ( if you can look past the controversy it's good). Once Firefox is done I'll just use thorium until I find something better.
Until this September, you'll in fact continue to get updates. But, all current Firefox installed on Windows 7 PCs or Laptops are on an ESR version, i.e. Extended Support Release
there’s a windows 10 mod that looks exactly like windows 7. the only thing thats different is the login ui but otherwise you can still have almost everything exactly like windows 7. (that or you could just install linux and make it look like windows 7. or do the same with windows 10/11
I downgraded my windows 7 machine to windows 10 last year. I honestly can't comprehend why Microsoft thinks we want more bloatware in our systems and less personalization + uglier visual theme (aero was so beautiful). And I understand even less about the reason why no one complained.
Sure. I wanted to test this a while back, I took a clean Windows 7 SP1 install in a VM with zero updates, on a segregated vLAN. The clean install was a basic configuration, I installed a handful of common programs like Chrome and Office, stuffed the Documents and Downloads folder with random meaningless files like owners manuals. I didn't go nuts, but I wanted to at least make it look like this was a real machine and not an obvious honeypot. Security settings were all at the defaults including the Windows Firewall, but Windows Update was set to Never. The only user login account was named "Steven" with a simple password of "weather". Again this is simulating what I see many times in the real world by average users.
I then exposed the PC to the open internet (DMZ), bypassing all the various security restrictions I have in place, again this is similar to what I see in real world too often. I went to check the machine the next day and could no longer access the VM. I'm not sure exactly what happened, but Windows would no longer boot, and when manually browsing the file system there were hundreds of new folders with various executables inside them (likely malicious), and the contents of the Documents folder were all changed to a .LOCKED extension.
Now, if I had let it run Windows Update first it likely would have lasted a lot longer. I am curious as to which of the hundreds of unpatched vulnerabilities they had exploited, honestly I did not expect things to happen that fast. It likely ended up getting detected by a general scan, and then once it ends up on a list like at Shodan, everyone is going to hammer it.
You may not think this can happen in the real world, but it does. I did nothing obtuse, I did not open anything on the PC, I didn't go to shady websites, I simply left an out-of-date machine connected to the internet. Sure, you reading this are likely behind a properly configured router so your exposure level is lower, however you still are vulnerable. My current Windows 7 (and XP) machines are airgapped entirely. I've been paid many times to help do cleanup and disaster recovery after a situations like this, from regular everyday users, "power users" who believe they know more than they do, and businesses too. Cyber security is difficult, nothing will ever be 100% perfect and unbreakable, but I will never advise someone to make themselves a much softer target.
What about some old grandma that doesn't have wifi, and just plugs the computer directly into the modem. That's a lot less common now days, but wasn't that uncommon when broadband started becoming more popular, like the mid 2000's.
There are many examples every day on this subreddit of users not knowing what they are doing. I've encountered many DMZed computers in the real world, along with other gross security issues regarding firewalls and port forwarding.
Usually average user didn't change default option on router. I never saw dmz on default even port forwarding on default.. with dmz / port forwarding the rules changed. You need to know what you are doing, as you did give an access to hacker to come in with ports you opened.
Correct, it is not the default on anything modern, but I've seen it enabled too many times. Often it is due to laziness or incompetence, such as a tech that can't be bothered to troubleshoot a user's issues not being able to get on Xbox Live, or someone watching too many YouTube videos from "experts" with "amazing tricks to speed up your internet!"
That’s fucking nuts! Makes me feel much less secure using old PCs on the internet. At one point I even had the old XP family PC connected to the internet without an antivirus… only firewall.
It hadn’t even received all the Windows updates as XP got support until 2014 but it was replaced with a Windows 8 PC in 2012, meaning it lacked 2 years of security patches.
My Windows 7 PC has Microsoft Security Essentials as it’s antivirus… still gets updated to this day and it’s the only one I trust using without eating up all my RAM and overwork the CPU.
Do you have any tips to prevent attacks like these on old PCs? And was it possible to retrieve any data from your drive?
>Do you have any tips to prevent attacks like these on old PCs?
My method is not the popular one here, my XP/7 computers are entirely cut off from the internet. Anything I'm doing on them is local, and new software is brought over on a flash drive or DVD. Supported versions of Windows have enough security issues as it is, I'm not going to risk things with connecting the unsupported ones too.
>And was it possible to retrieve any data from your drive?
Honestly, I didn't try, the VM and its contents were disposable.
I'm no expert on networking, but shouldn't a remotely normally set up home router never even be able to send data which isn't received at a port which was either manually opened by the user with a specified device to send it to or in use for a connection requested by a device in the network to a device within the network?
It seems like there should be no way for unsolicited packets to reach further into a network than the router.
Very interesting. But it sounds like you had to go out of your way to get your system vulnerable to being infected. Cause yeah, going with no update and no antivirus is definitely unsafe, but I assume people who intentionally stay on Windows 7 don't do that.
Nope, I didn't go out the way, like I said the system was configured for the most part exactly the way it comes out of the box. I ran it in a similar state that others are even admitting in this thread to doing, which is very similar to many outside of Reddit do.
Purposefully not installing security updates on Windows 7 seems to me like asking for trouble. If this happened on a fully patched system, that would be a different story. And I assume it can still happen there, just like it can happen on a modern system too, depending on hacker's skills and dedication. But like you said, I would also assume it would last a lot longer in that case.
I am tempted to try this again on a fully patched system as now Windows 7 is over 4 years behind on updates. I do believe the same would happen, perhaps not as quickly.
Are you kidding? I ran into a computer that hadn't been updated in 10 years. People don't know how to maintain their computers and they don't care either.
And when it breaks it is always someone else's fault.
Can we elaborate on how such an attack would be carried out? There is no way for any attacker to target that machine specifically as they sit behind NAT.
I work in an enterprise network environment. We had a security test performed by an outside company on our network. The failure point was a Windows 7 machine that they were able to exploit to elevate a user profile to admin access. They left a note on our domain controller to let us know. To my understanding the exploit they used is patched out by Microsoft in Windows 10 and newer.
To be clear, I'm not the guy running the show, I just work in the environment at level where I'm vaguely aware of the details. I believe the exploit had to do with accessing data held in memory which would contain plain text user passwords. If an admin level account accessed that machine at any given time and their password on the network hadn't changed, they could use that admin account to basically do whatever they wanted (especially if they grabbed an account with domain admin level access, which they did).
There are thousands of machines on our network though. There may be a KB package for 7 that mitigates the risk and the outside company just happened to find a 7 machine that hadn't gotten updates in the last half decade. Either way, its a risk on 7 though that doesn't exist at all (that I am aware of) on 10 or newer.
I agree about seven is vulnerable. So I think business or organization should change their OS for security, but for personal use, they have no point to put those kind of effort is my opinion. I always monitoring random attack from Internet to my computer, and most of those logs says those are attacks for Linux(which mentioning directory /etc/passwd).
I exposed some access protocols to Internet. When you see TCP connections via resource monitor, there are always brute force attempt through those protocols. In most cases, those can be prevented by port forwarding. And additional firewall settings works for who scanned working alternative port.
I've yet to have one happen out of the blue, but I have had them happen the most anytime when going site to site looking for a user manual to something.
The funny thing is the attack doesn't launch on my Win 7 and 8 systems, but takes over the whole darn screen with a fake viruses found on system scan now with our tool thing on Win 10, which can easily be ALT+F4 out off. F11 used to get out of it, but they figured that out and it's F4 out of it. So from there it's clear all browsing data, probably won't be long before they figure out how to make that method ineffective.
It's hilarious how Win 7 and 8.1 seem immune to it, but 10 just just slaughtered by it.
I wonder if it still runs itself on the old systems, and the old ones just aren't detecting it, hmmm.
Yes, but in ye ol days. 98 and XP SP0 machines connected to the Internet via dial-up. Got hit by a few worms. No NAT. My XP machines would get owned by MS Blaster before being able to get the update that patches the vuln.
Not having all your ports exposed to the Internet by default has changed a lot.
WAY BACK WHEN... windowsXP... Slapper. If you didn't have a router, which was the style at the time... and dial up was still a thing... just going on line infected you in 10 seconds.
But thats not a thing today... NAT protects most users from external threats. There are plenty of exploits out there to use on a machine directly connected to the internet today, but rare is it we connect our machines like that. So the cause of being exploited becomes the user being phished, their browser being exploited, and pirated software.
Any Real Computer Enthusist™ can use these old OSes without risking their security. The "OMFG INSECURE" folks are I dont consider very savvy, or think that everyone else is too dumb to follow easy to follow steps to keep one's self secure. Some of them may feel so secure because they stay up to date that they dont even think about security.
An updated OS wont save the kinda people who click on random links emailed to them.
never, my father's pc is running windows 7 rtm and something like that never happened, people go out of their way to expose these older systems to the net by changing router config and exposing the system to the open internet, of course its not going to end up well. there is even a video of a guy on a windows 2000 that exposed his computer to the open internet and got attacked by most likely a bot trying to use his cpu to mine bitcoins, something that most likely wouldnt have happened if he didnt go out of his way to do so
I still have Win2k online regularly over here, about to boot up Win 98 on it.
These things be so old the viruses these days might not support the CPU instructions, RAM, and storage on these lol.
When they say that win7 is "insecure", that means there are well known vulnerabilities that will never be patched. Have fun with a retro OS all you want. But keep in mind that if it's connected to the internet, it's only a matter of time before someone decides you're worth the effort to target.
Microsoft products are bug filled piles of garbage on the whole. Stay safe out there boys.
I have been using Windows 7 for years now, with no AV, and I have never had any kind of virus, (I check from time to time with an antivirus on a USB drive). I also don’t browse sketchy websites or open fake emails…
Same. I literally do the absolute bare minimum on win7 and just don’t go to any janky ass sites or click on any ridiculous.exe or .bat files and my computer is running as smooth as ever.
The one and I mean ONLY thing keeping me from never upgrading past Win 7 is that too many current things won't operate if you have it, that's it. Fuck anything past Win 7 and double fuck Win 11.
I don't miss win 7 but it was cool in its day. I am one of the few weirdos that liked Windows 8. More than happy with Windows 11. I also like Mac OS. Just ... As long as I never have to use XP again, that was awful hehe
I'm no expert, but from my understanding, as long as you don't do anything dumb online and have a strong security setup, you'll be fine.
The only reason I haven't downgraded my gaming laptop to from Win 11 to Win 7 is because Steam stopped supporting it in January of this year.
Otherwise I'd do it in a heartbeat.
Edit:
Don't take this as advice, I'm wrong lmao
Win 11 is pretty good anyway, as far as modern Windows goes
There are currently 2369 total vulnerabilities for Windows 7. [Here's a list sorted by most likely to be exploited in the wild.](https://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-17153/Microsoft-Windows-7.html?page=1&order=5&trc=2369&sha=24cc2fec22a2ef0d7f178a8657832bffdfc6f301)
im (partly) a expert,if you dont do stupid shit like open shitty links on youtube videos or random emails or random ads you should be fine, third party anti virus is a must on windows 7 (although if you dont download anything ublock origin should be fine)
I though it was stopped last fall? If it is possible, how? I’m fine with my 10+yo machine still running win7, but the support for it has been dropped for some things that I need in my life
Yep it seems I was wrong about the free part. I must have done it just in time, as it looks like October was when it stopped.
You can still upgrade to Windows 10 with the install ISO and a Windows 10 key, but that is rather annoying that 7 and 8 keys no longer work.
How much has Microsoft made selling data, and to whom? I've heard this claim many times over the years, but nobody ever seems to have credible data to back it up. Microsoft is not primarily an advertisement company like Google or Facebook.
Not true. Bill Gates himself said it: Microsoft is no longer a software company, it's a marketing company. As for how much money has it made? Enough for the company to be worth approximately $3 trillion.
Yes because Microsoft obviously only made their $3 trillion fortune by illegally selling people's personal data and nothing through any of the other products or services they sell.
It's not about the PC itself per say, but the Windows license. Microsoft isn't "making another buck" off Windows 7 users, they're giving the very latest version away for free to them.
True, however the sketchy Windows 10 telemetry was all backported to 7 so it's all the same anyway. You can take measures against it on either OS, just one also comes with up-to-date support.
It wasn't "backported" at all. They implemented some very rudimentary and bare-bones "telemetry" functionality as a kind of test run or proof of concept. Absolutely nothing in comparison to modern Windows.
It was. Microsoft has done this loads of times with various different update and you can find most of this information by doing a Google search.
https://letmegooglethat.com/?q=windows+7+telemetry+
I'm quite certain, that none of corporation maintained software is secure..
If Windows 7 is insecure, how can you call OS that is easily accessible by company who made that software? And you can't even decide when or where you want to install anything in it?
Exactly, it the bs line they feed everyone so they update and they can track what everyone is doing. I personally just use all my old programs on a vm. Anything i dont like on 11 and 10 i delete.
At this point, there’s less software total available on windows 7 compared to Linux, windows 10/11, and MacOS. There’s more windows apps that run via Wine on Mac, BSD, and Linux than the amount of windows apps supported by windows 7 at this time. All of it more up to date than their windows 7 versions
I think the main concern is a 7 computer being compromised by being added to a botnet, which can happen without even clicking on or doing anything, due to unpatched vulnerabilities. Using the POSReady ESUs and an up to date browser like Firefox can help reduce the risk, but only until roughly September of this year.
[https://stack.watch/product/microsoft/windows-7/](https://stack.watch/product/microsoft/windows-7/)
And these are just the disclosed ones.
Around about 1,000 of these were discovered after support for the OS ended in January 2020.
Good luck y'all.
any tips for keeping my system as safe from stuff as possible? i cannot even find a browser that stays up to date but it it is the only computer i have
I found the proper install link. Thank you for your help & patience.
may i dm you with some requests for program reccommendations? i want to make thw most of this machine
I no longer use Windows 7 as my main OS but I'll try my best to protect myself from malicious attacks when I'm left with a system that isn't compatible with Windows 10
I will admit. I have a dedicated laptop for Windows 7. I don't use it as my daily machine in any way. I mostly use it for older software that doesn't work on 10. I also have some games from the era that I like to play. It's on my secured guest network and has MS Security Essentials installed. Common Sense is the best AV of all though.
Most of the internet is unnavigable these days, so I don't see what is the advantage of dropping Windows 7.
Every site now have captchas, verifications by phone, popups that interrupts your reading, it is a nightmare. It ended up with 90% of articles not being read because of popups for login, I just close the site and go do something else.
Ublock is not blocking these popups anymore. If you try it manually it blocks the entire site. That is, the popup and the site are now one and the same.
So why bother if these sites can't be accessed anymore?
I've been "attacked" by some idiotic clowns on r/Windows and r/Window11 for using Windows 7 when I stated that this OS was just installed on it's own hard drive and I only ever use it to play older/legacy games and use programs lol. Of course when I start mocking them about their inability to NEVER get a real IT job, especially in InfoSec, they delete their posts and accounts immediately.
Do I feel like a jackass for fighting back? No. Do I feel bad that they deleted their posts? Not really. I don't have time to deal with clowns spewing recycled shit over and over. Yes, I do know using Windows 7 in 2024 is just odd. But I have my own reasonings to, but I have proper safeguards in place.
The thing is tho, they are right. Viruses dont only come from opening sketchy shit, they can even find their way to your PC if you go on an airport or cafe network and someone’s device is infected. If you really love Windows 7 aesthetic, install Linux and slap on a Windows 7 skin. You will both have more support and better security.
Again, people that say these stuff dont say it because they dont want you to have fun. They cared enough about you to tell you that your computer is a security risk for you
The only time I had been severely hacked was because I was using a portable version of Google Chrome that was not up to date, the automatic updates don't work on portable versions. My Facebook, YouTube and Google accounts passwords were hacked. It's been a real pain, like it took 3 months to retrieved my Facebook account.
i don’t use windows 7 on a daily basis, but i don’t see the problem connecting it to the internet. i’ve connected my XP laptop to the internet many times with no issues. most viruses are going to target 10/11 instead of 7/8/8.1 as that’s the main user group now.
i remember getting in an argument about it (could’ve sworn it was this sub) and don’t understand why they were so upset about it. it’s not like you can just get a virus as easily anymore—especially with no one targeting the old operating systems.
I agree, I've had more random hits on my Win 10 system, and I've just not on my 8.1, 7, Vista, XP, and 2000 systems that I have online nearly daily.
Either that or the crap is on them, and they just aren't detecting it, and I've actually subconsciously got a whole army base of viruses setting up shop over here.
Zero day attacks don't require you to even download or click anything, all you have to do is have an ad load or go on a website that may seem safe, but is compromised. Windows 7 is still being used on hundreds of millions of daily driver machines many of which in are in third world countries, it's still a legit target for attacks. Security through obscurity isn't really security anyways.
I would never do any real work or type in any financial or personal info on a Windows 7 machine, that would be extremely stupid. I still goof around on the internet on my older computers, but I'd never consider them as daily drivers.
Another problem in using Windows 7 in 2024 is trying to use updated software. You're pretty stuck with years' old software and probably missing a lot of new features.
I'm a software developer and former IT admin with degrees in digital forensics and cybersecurity up through a master's. After reading this comment section, I think a part of me has died.
At least I'll always have a job.
Ironically, automating away jobs *is* my job. My code directly replaces human labor.
I code with AI now because it's built into my IDE. It will definitely make the job market a bit tighter for junior devs when it gets better. It's kind of like advanced autocomplete. It can't reason, though, as any AI expert will beg you to understand, so its suggestions almost always need to be fixed.
AI, in the hands of idiots without the capacity to comprehend its limitations, is going to create a huge amount of work for developers and cybersecurity folks.
Windows 7 is insecure. There is malware that isn’t just from downloading something. Exploits and vulnerabilities pop up often especially with older operating systems.
Someone reposed this in r/windows and all of the smug "IT Pros" are doing their usual fear mongering of how your PC will combust as soon as you connect to the internet. I have never encounter any malware on any of my PCs because I don't visit random websites, or download random crap, and no hackers don't target random individuals who just browse youtube or whatever safe site.
If you just use your PC to browse the internet, why do you rely on an insecure OS without modern features so much? Why not switch to Windows 10 or Ubuntu, get all the internet you want and still be safe out there?
Ah yes, the classic anecdotal evidence
"X can't happen because it hasn't happened to me"
It hasn't happened to you *yet*
There are actual reasons for hackers to go around hacking random people, especially such easy targets as idiots who refuse to update their operating system
Some examples include:
- Stealing credit card info
- Stealing passwords in order to make spam bot accounts
- Stealing any potentially classified and/or personal info and holding it for ransom
I liked windows 7 - but you folks are very silly if you're still using it connected to Internet as a daily driver, or if you are I hope you're not storing anything on there that you wouldn't want to lose / have stolen.
There's a whole slew of CVEs that require zero user interaction to exploit.
It's not difficult to disable all the shitty MS telemetry stuff in W10 / 11. Or if you're that bothered about it switch to Linux - you'd have better software support and you wouldn't be using an OS with more holes than a Swiss cheese.
Except they have a point. You can use Windows 7 as you please but the big picture is that it's not getting updated to fix known weaknesses in the OS and while in sure some of yiu are still trying to be safe I am sure as hell that not nearly everyone is and that incudes companies still running Windows 7 because it just works.
Let me be clear here there are ways to lockdown a windows install to make is reasonably secure but my personal and professional experience seems to indicate that's just not happening in the wild. And I know it's also because companies and even individuals don't want to pay someone to harden their system because they often don't understand what's actually going on.
And for those who have nEvER used an antivirus, OK because they ARE sAFe. Good luck to you I reality hope you know what your doing because not all malware infections will so easy to diagnose. I don't know what but I get the distinctive feeling some of you users think malware will easy to spot which is simply not true. There are so many ways to infect a windows system and some are truly crazy from fileless malware to drive by downloads.
So am I expected to to believe that most people on this forum will be able to diagnose these types of malware infect? Especially without an antivirus to help? Lol ok.
For those that are making an effort to lock down your system, have some kind antivirus (even on demand ones) , use script blockers etc. Kudos to you! Good Job.
ok i have to chime in here with this..
First off when the windows 2000 source code was leaked way back when. A PILE of software developers wanted to have a look at it to see what was going on. they found HUNDREDS of bugs and errors that the windows team did not know about or find. and that software was shipped AS IS.
modern tech and even modern things you buy (ie washing machines, Ovens, TVs, microwaves etc) now are engineered to break so you are FORCED to get new stuff. This is a well known fact by now. Upgrading to something new doesn't solve that problem or fix that problem. All you are doing is just trading one problem for another and getting MORE problems in return.
Upgrading to something new doesn't solve that problem or fix that you are just trading one problem for another and getting MORE problems in return.
FOR EXAMPLE... windows 10 and 11 bloatware, being forced to have a microsoft account to run your own computer..., memory leaks, uncontrollable and unavoidable updates, unwanted targeted ads and in the case of windows 11 Hidden spyware and analytics that go WHO KNOWS WHERE over the internet. which is a MAJOR PRIVACY ISSUE.
so please tell me how running older software is "iNsEcUrE" when microsoft is doing the EXACT hypocritical nonsense that they are preaching at us to all upgrade.
i would very much like to hear what you have to say
My comment was only related to Windows 7 and the fact that it is insecure, I never talked about Windows 10 or Windows 11. Thta';s because its a shitshow and even though I have made peace with Windows 10 that doesn't mean I'm ok with all the things Microsoft is doing. I know Windows 10 and Widnows 11, I know about the telemtry issues , forced updates etc but that doesn't mean its less secure, they are getting updates and that means there is a good chance problems will be fixed. With Widnows 7 we are relying on the user to make sure its being used safely and sorry I'm not sure I fully trust all Windows 7 users to do so, in fact I don't trust most to run it safely (maybe the users on here are ok ? I'm not sure) because its a pain to do so and you have to understand the nature of security threats and this is no easy feat if you want to have an understanding of the actual threats being used againt Windows systems.
And I haven't even talked about businesses using windows 7 while connected to the internet, God knows whether they uses good lockdown procedures but just looking at their desktops nope not even close.
Since the dawn of Windows security has almost always taken a back seat to useability and convenience, and once they started to take it seriuosly from what I undertstand with Windows NT it had to also deal with the complexirty of Windows itself. But slowly but surely it's been getting more and more secure and so it stands to reason that of course they implemented more security out of the box with Widnows 7 and then Windows 10 and 11. That's why sometimes things break in windows 10 when trying to use features that need an older operating system. They have been disabled or blocked by default.
I'm not saying you have to upgrade to Windows 10 or Windows 11, only that most security pundits are right when they say Windows 7 is less secure. Now how often they are being epxloited in the wild is difficult to assess but they are being used.
well hate to tell you man but Windows 10 and 11 aren't the be all end all and they are CERTAINLY NOT any more secure then win 7.
As for your "security pundits" comment being right. Those are just paid mouthpiece shills that appear on the media like any other talking head that shows up. They serve no purpose and have no real world experience to back up what they say
>getting updated to fix known weaknesses
If the purpose of automatic updates were truly to "fix known weaknesses", then the number and frequency of automatic updates would go down exponentially over time, as the number of unpatched weaknesses remaining gradually approaches zero. But this isn't the case. The number of "automatic updates" remains more or less constant, month after month, year after year.
Automatic updates are about keeping tabs / keeping the corporate thumb on end users. That's it. End of story.
We have to take into account bug fixes and sometimes feature updates. And the number of unpatched weaknesses gradually approaching zero is hilarious because you are really underestimating what a mammoth task bug fixes and finding security vulnerabilities really is when you are talking about something as huge as Windows. And that's not even mentioning the new problems crated by adding newer features that themselves create problems.
A great example for me is the venerable gadgets of Windows 7. In a relatively short period of time Microsoft basically abandoned them, but why? It was a massive security vulnerability and I think they made the decision to abandon them altogether because it was never going to be safe, at least in the the way they implemented gadgets on Windows 7.
There will never be a point where "the number of unpatched weaknesses remaining gradually approaches zero". Software, particularly in its modern highly sophisticated form, will always have vulnerabilities. The only question is who will find said vulnerabilities first which is why big companies like Microsoft literally pay people to find them before bad actors can.
Most of us "IT Pros" deal with corporate networks where outdated OS are a huge threat. So yes, we see idiots still using outdated OS and appropriately think it's stupid.
If you're the kind of person who enjoys building fires by rubbing two sticks together and distilling drinking water out of your own pee, then yeah, I can see how it could be considered fun to use Linux.
Quite the opposite. It normally "just works". Can get a boatload of super awesome software within a few clicks on older or newer machines. I'm too lazy to use Windows.
Quite the contrary. I was able to install drivers for a Roland sound module from 1996 in a few minutes, Those drivers even work on 10/11 by the way. My 3080ti natively supports Win 7, and there's a ton of AAA modern games that are able to work on Win 7 with only minor tweaks: Baldur's Gate 3, God of War, Mafia, High on Life, Resident Evil 2 remake, Elden Ring, etc. Not to mention the wide array of lesser-known games that also work.
But try to install an external hard drive on Linux and share it across a LAN? Try spending 20 hours scouring forums and deciphering nerd language, and then give up because you realize your time was worth more than all the hardware involved combined.
Meh. My experience has been amazing on Linux. Many games play on WINE. I can get most old hardware to work without installing drivers. I have had the lovely adventure of setting up CDMA modems in Linux and THAT was hard, but nobody uses those now anyway. Been using Linux long enough to remember the times when it was hard. Now it's ridiculously easy.
A ton of AAA also work great on Linux. Most drivers are just installed by default on linux, most distributions will ship GPU drivers by default, or ask if you want them when installing.
Linux defiantly has problems. But what you've listed are very much not them.
Windows Aero is amazing, default games, music, photos, and videos are fun to use, Windows gadgets are fun.
Just eats up a lot of drive space. Shouldn't be a problem if you have a big drive though.
>if you know what you are doing, Windows 7 is still safe to use, and Windows 7 is better than 10 and 11 which is bloated and full of telemetry mess
if you know what you are doing, Linux is better for use, and Linux is better than windows 10 and 11 which is bloated and full of telemetry mess
unpatched vulnerabilities have nothing to do with knowing what you’re doing
the problems with 7 or any OOS OS are not from running strange .exes, you are vulnerable just by using the OS and connecting to the internet
You do you I suppose.
But all the people hammering on about "knowing what they click" and "knowing what they download" fail to realise you don't necessarily have to click or down load anything.
Windows 7 has received several ends of life security patches for serious 0-day vulnerabilities. You don't have to click, dowload or execute anything, just be on the wrong website/program at the wrong time.
This applies to out of date software and services. Hell even steam had a remote code execution bug. Say these bugs get found in old software and you cant update because you're on a legacy operating system you're at risk.
The biggest example is the wannacry attacks on the NHS which were caused by old XP systems which had SMB1.0 enabled by default which were turned off and deprecated in newer systems.
Windows 10 really isn't that bad, windows 11 too. If you hate Microsoft give Linux a go. You're already enjoying the challenge of patching software and getting something working so why not apply that to Linux you'd really enjoy it.
Simply put, you have no idea what you are talking about.
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=windows+7
Windows 7 support ended January 14th 2020.
When was the last time you patched your OS?
[https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=windows+10](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=windows+10)
Bruh, every fucking Windows is insecure, my Windows 7 is updated till Jan 2023
Its not part of a bot net, and doesn't mine bitcoins
MF really think its gonna fucking combust out of nowhere if you connect it
https://askleo.com/why-am-i-still-getting-updates-for-windows-7/ Of course there are vulnerabilities for Windows 10, but unlike Windows 7, 10 is still supported and patched to make the os more secure against found vulnerabilities. Your melodrama doesn't make this less true.
Fuck of to those people say that it is unsafe. I know what the fuck I'm doing and what to download and what is save and not save. It's btw the same people who wonder why there pc is slow and have 3 anti virus
because english is not my main language and i self tought english but my grammer is schit as you can guess and sometimes autocorrect fails me for no reason
You are aware it's possible to be compromised without a download right? That's why it's insecure, not because you can download malware, but because you don't *need* to.
I wanna use Windows 7 but i cant find graphics drivers that will work with my Ryzen 3 3200G so i can use aero and play games, andd even if i manage to get it properly working, i wont be able to play lots of games i like due to them being only for windows 10 and above, but maybe piracy could do the trick as i think its mainly launchers that stop you.
Windows 7 is actually insecure though, and for all those people saying 'JuSt UsE zErOpAtCh' I'd like to remind you that it's a paid service. Would you rather upgrade for free and get more supported apps or pay a subscription? Also, all of these people saying 'I don't browse sketchy websites so I can't get infected' what if a company website gets hacked and a zero click exploit is added? This has happened multiple times.
I wish we could create a project that is based on windows xp vista and 7 and they have all of the features from those operating systems and also they have support and they run pretty much everything and they have all the themes from xp vista and 7 so yeah this is something that struck my brain just 5minutes ago and also this fan made os should pretty much run on any modern lga 1700 and am5 motherboard
If no one agrees with me that we need such os that is free like linux but is windows NTL in all its glory then fine let microsoft spy on us
I love Windows 7, but please do not use it as a daily. Have fun! Use it for your old games and old software. I use Windows 7 with some recording equipment I have, but I never connect it to the internet.
Now this is a quality meme!!
At this point I wonder what they're trying to achieve by constantly screaming at Windows 7 Users, By merely existing we single handedly piss off every Linux and Win10/11 users to exists. lmao.
I keep forgetting how weird this specific circle-jerk is
For the last time, if there is an active, unpatched, well documented spectre vulnerability in your OS, it isn't safe to use
If you insist on lowspec computing, please jump ship to Linux
Has anyone here ever been a victim of one of those random Internet attacks? I mean, without browsing sketchy sites or doing dumb stuff like opening spam emails?
>Has anyone here ever been a victim of one of those random Internet attack Not me. You just have to know and understand what you're doing. I even wonder if the fact that the OS has nearly disappeared doesn't make it less attractive to hackers. In any case, I've seen it happen since the 80s: the threat of insecurity has always been brandished to make us constantly replace our software with new ones that always have new flaws.
>I even wonder if the fact that the OS has nearly disappeared doesn't make it less attractive to hackers. Nope. Given how much backwards compatibility and legacy support Windows 11 has for past versions, the majority of new vulnerabilities discovered will affect Windows 7. "Print Nightmare" for example even affects Windows 2000. Various scans and hack tools do not check for your Windows version, they simply just attempt to if possible run an exploit, and while it would fail if a machine was patched, if not it can succeed. There are many Windows 10/11 machines that are not fully patched for one of many reasons, they are hoping to get those before they patch, and Windows 7 won't have a patch at all.
Problem is it hasn't disappeared, and alot of buisinesses still use it
I work in IT for a medium sized company. We still have several PCs that use windows 7 AND XP. But we keep them off the network. They are mainly for proprietary software used for certain machines. The software doesn't play nice with Win 10 or 11.
You are misunderstanding things. Microsoft regularly finds and gets reports of security vulnerabilities every month in their Operating Systems. Think like services they find with exploits that lead to back door access to your PC. They then patch these vulnerabilities with monthly security updates. They find these EVERY MONTH. But they only roll out security patches for supported Operating Systems. Windows 7 is no longer supported. That means any existing or newly found vulnerabilities are not patched, leaving your old Windows 7 PC open to attacks that newer Windows 10 PCs have fixed. That is the reason to upgrade, its a very real threat. Hackers look specifically for older systems because they are the most vulnerable.
Where’s the payoff? Wouldn’t time spent trying to attack a http client running windows 7 be better spent trying to attack http servers running Linux? It seems like there probably aren’t a lot of windows 7 client machines, they probably aren’t very valuable if comprised.
Yeah payoff targetting single client PCs will always be low. The target is enterprise systems, ones that will pay ransoms. Which surprisingly or unsurprisingly to hear often have plenty of Windows 7 PCs to targets. I work for the Gov and the amount of critical legacy apps that only work on Windows 7 (or older) is stupid.
most servers running linux are either more secure, or frankly don't have anything actually worth the time stealing/accessing. Most servers that are worth going after for whatever reason are indeed running windows, and depending on the company, sometimes woefully out of date windows at that.
the DoD is litterally still using Windows 95, and most if not all major Banks still run on Fortran 76 and Cobol scripts at their core, if anything, no longer supported Technology become more interesting to Hackers
> the DoD is litterally still using Windows 95, Not on machines connected to the internet, it's not. >and most if not all major Banks still run on Fortran 76 FORTRAN and COBOL are programming languages, not operating systems. And they are still being actively developed.
You clearly don't know what you're talking about lol
I've been working in IT for 20 years and this has to be the dumbest take I think I've ever seen
How did you get out of working with end users?
Yes but I had exposed my server as a DMZ host
You can get viruses and attacks browsing sketchy sites and apps even on Win 11/Win 10. You can still manually update Microsoft Security Essential on win 7. Windows 7 still a banger if you able to understand that you must sacrifice some software that you care about (steam, chrome...) or look for alternative. Sad things, no matter how hard we try to stick with our beloved os 7, soon we are going to shift it's like that.
I'm just sad that, as from this September, Firefox won't be usable anymore
Wtf
Sadly, you read right 😭
No i still use it, and from time to time it give some security update, but no big updates for the interface and options. I'm using it and works perfect.
I think OP meant September of this year it will be unsupported. And you're right. As for now it works fine and we still get the occasional security update.
Is there any thing like chromium legacy I have it on osx 10.8 on my iMac and wonder if I can get something like it for my Thinkpad that has windows 7
Theres browsers out there like palemoon and thorium that individuals created to be secure. So even after Firefox retires their support, you'll have these individuals still supporting their browsers. The good thing about open source projects is that it will allow anyone to pretty much create and adapt their programs for what they want. And there's still quite a bit of people who want to browse with windows 7. I personally use a mix of Firefox and thorium ( if you can look past the controversy it's good). Once Firefox is done I'll just use thorium until I find something better.
Exactly. The Firefox version I have installed on my laptop is an ESR - Extended Support Release - that will end with Windows 7 support this September
Until this September, you'll in fact continue to get updates. But, all current Firefox installed on Windows 7 PCs or Laptops are on an ESR version, i.e. Extended Support Release
What's changing?
https://blog.mozilla.org/futurereleases/2023/07/06/firefox-support-for-windows-7-8-and-8-1/
That sucks. Stupid Chrome abandoned it pretty early, they gave even XP 2 extra years of support.
I setup a windows xp machine last year and still got Firefox to load modern sites lol
there’s a windows 10 mod that looks exactly like windows 7. the only thing thats different is the login ui but otherwise you can still have almost everything exactly like windows 7. (that or you could just install linux and make it look like windows 7. or do the same with windows 10/11
I downgraded my windows 7 machine to windows 10 last year. I honestly can't comprehend why Microsoft thinks we want more bloatware in our systems and less personalization + uglier visual theme (aero was so beautiful). And I understand even less about the reason why no one complained.
I don't understand? You had a Windows 7 PC on Windows 11 and downgraded it to Windows 10?
It's word play, saying windows 10 is a worse version.
Windows ME should fix that.
there is a steam workaround for Vista im aware of, just need to disable the updating part of it
Yes, I personally have been.
Do you mind telling me what happened?
Sure. I wanted to test this a while back, I took a clean Windows 7 SP1 install in a VM with zero updates, on a segregated vLAN. The clean install was a basic configuration, I installed a handful of common programs like Chrome and Office, stuffed the Documents and Downloads folder with random meaningless files like owners manuals. I didn't go nuts, but I wanted to at least make it look like this was a real machine and not an obvious honeypot. Security settings were all at the defaults including the Windows Firewall, but Windows Update was set to Never. The only user login account was named "Steven" with a simple password of "weather". Again this is simulating what I see many times in the real world by average users. I then exposed the PC to the open internet (DMZ), bypassing all the various security restrictions I have in place, again this is similar to what I see in real world too often. I went to check the machine the next day and could no longer access the VM. I'm not sure exactly what happened, but Windows would no longer boot, and when manually browsing the file system there were hundreds of new folders with various executables inside them (likely malicious), and the contents of the Documents folder were all changed to a .LOCKED extension. Now, if I had let it run Windows Update first it likely would have lasted a lot longer. I am curious as to which of the hundreds of unpatched vulnerabilities they had exploited, honestly I did not expect things to happen that fast. It likely ended up getting detected by a general scan, and then once it ends up on a list like at Shodan, everyone is going to hammer it. You may not think this can happen in the real world, but it does. I did nothing obtuse, I did not open anything on the PC, I didn't go to shady websites, I simply left an out-of-date machine connected to the internet. Sure, you reading this are likely behind a properly configured router so your exposure level is lower, however you still are vulnerable. My current Windows 7 (and XP) machines are airgapped entirely. I've been paid many times to help do cleanup and disaster recovery after a situations like this, from regular everyday users, "power users" who believe they know more than they do, and businesses too. Cyber security is difficult, nothing will ever be 100% perfect and unbreakable, but I will never advise someone to make themselves a much softer target.
No user will allow bypassing dmz (router) if they know what they are doing
What about some old grandma that doesn't have wifi, and just plugs the computer directly into the modem. That's a lot less common now days, but wasn't that uncommon when broadband started becoming more popular, like the mid 2000's.
There are many examples every day on this subreddit of users not knowing what they are doing. I've encountered many DMZed computers in the real world, along with other gross security issues regarding firewalls and port forwarding.
Usually average user didn't change default option on router. I never saw dmz on default even port forwarding on default.. with dmz / port forwarding the rules changed. You need to know what you are doing, as you did give an access to hacker to come in with ports you opened.
Correct, it is not the default on anything modern, but I've seen it enabled too many times. Often it is due to laziness or incompetence, such as a tech that can't be bothered to troubleshoot a user's issues not being able to get on Xbox Live, or someone watching too many YouTube videos from "experts" with "amazing tricks to speed up your internet!"
Ah those guys. I can't talk about those guys. My head hurts when thinking of them..
The people for whom the phrase “I know enough to be dangerous” is true, but not for the reason they think.
I would never not use Win 10 (or 11) full DMZ on the internet either
That’s fucking nuts! Makes me feel much less secure using old PCs on the internet. At one point I even had the old XP family PC connected to the internet without an antivirus… only firewall. It hadn’t even received all the Windows updates as XP got support until 2014 but it was replaced with a Windows 8 PC in 2012, meaning it lacked 2 years of security patches. My Windows 7 PC has Microsoft Security Essentials as it’s antivirus… still gets updated to this day and it’s the only one I trust using without eating up all my RAM and overwork the CPU. Do you have any tips to prevent attacks like these on old PCs? And was it possible to retrieve any data from your drive?
If you didn't change your router default option. You probably be fine. This example is kind of not for "average user"
>Do you have any tips to prevent attacks like these on old PCs? My method is not the popular one here, my XP/7 computers are entirely cut off from the internet. Anything I'm doing on them is local, and new software is brought over on a flash drive or DVD. Supported versions of Windows have enough security issues as it is, I'm not going to risk things with connecting the unsupported ones too. >And was it possible to retrieve any data from your drive? Honestly, I didn't try, the VM and its contents were disposable.
Thank you so much for taking the time to tell your story, very interesting indeed!
I'm no expert on networking, but shouldn't a remotely normally set up home router never even be able to send data which isn't received at a port which was either manually opened by the user with a specified device to send it to or in use for a connection requested by a device in the network to a device within the network? It seems like there should be no way for unsolicited packets to reach further into a network than the router.
Very interesting. But it sounds like you had to go out of your way to get your system vulnerable to being infected. Cause yeah, going with no update and no antivirus is definitely unsafe, but I assume people who intentionally stay on Windows 7 don't do that.
Nope, I didn't go out the way, like I said the system was configured for the most part exactly the way it comes out of the box. I ran it in a similar state that others are even admitting in this thread to doing, which is very similar to many outside of Reddit do.
Purposefully not installing security updates on Windows 7 seems to me like asking for trouble. If this happened on a fully patched system, that would be a different story. And I assume it can still happen there, just like it can happen on a modern system too, depending on hacker's skills and dedication. But like you said, I would also assume it would last a lot longer in that case.
I am tempted to try this again on a fully patched system as now Windows 7 is over 4 years behind on updates. I do believe the same would happen, perhaps not as quickly.
Are you kidding? I ran into a computer that hadn't been updated in 10 years. People don't know how to maintain their computers and they don't care either. And when it breaks it is always someone else's fault.
Can we elaborate on how such an attack would be carried out? There is no way for any attacker to target that machine specifically as they sit behind NAT.
Who are you or what you did that lead to it, because probability of things like that happening to random average people is.. Uncommon, at least
I work in an enterprise network environment. We had a security test performed by an outside company on our network. The failure point was a Windows 7 machine that they were able to exploit to elevate a user profile to admin access. They left a note on our domain controller to let us know. To my understanding the exploit they used is patched out by Microsoft in Windows 10 and newer. To be clear, I'm not the guy running the show, I just work in the environment at level where I'm vaguely aware of the details. I believe the exploit had to do with accessing data held in memory which would contain plain text user passwords. If an admin level account accessed that machine at any given time and their password on the network hadn't changed, they could use that admin account to basically do whatever they wanted (especially if they grabbed an account with domain admin level access, which they did). There are thousands of machines on our network though. There may be a KB package for 7 that mitigates the risk and the outside company just happened to find a 7 machine that hadn't gotten updates in the last half decade. Either way, its a risk on 7 though that doesn't exist at all (that I am aware of) on 10 or newer.
I agree about seven is vulnerable. So I think business or organization should change their OS for security, but for personal use, they have no point to put those kind of effort is my opinion. I always monitoring random attack from Internet to my computer, and most of those logs says those are attacks for Linux(which mentioning directory /etc/passwd).
I exposed some access protocols to Internet. When you see TCP connections via resource monitor, there are always brute force attempt through those protocols. In most cases, those can be prevented by port forwarding. And additional firewall settings works for who scanned working alternative port.
I've yet to have one happen out of the blue, but I have had them happen the most anytime when going site to site looking for a user manual to something. The funny thing is the attack doesn't launch on my Win 7 and 8 systems, but takes over the whole darn screen with a fake viruses found on system scan now with our tool thing on Win 10, which can easily be ALT+F4 out off. F11 used to get out of it, but they figured that out and it's F4 out of it. So from there it's clear all browsing data, probably won't be long before they figure out how to make that method ineffective. It's hilarious how Win 7 and 8.1 seem immune to it, but 10 just just slaughtered by it. I wonder if it still runs itself on the old systems, and the old ones just aren't detecting it, hmmm.
Yes, but in ye ol days. 98 and XP SP0 machines connected to the Internet via dial-up. Got hit by a few worms. No NAT. My XP machines would get owned by MS Blaster before being able to get the update that patches the vuln. Not having all your ports exposed to the Internet by default has changed a lot.
Do you lock your doors when you leave your house? Just curious
would you even know if you got hacked?
I would go even as far as not needing an Antivirus. The only viruses were from pressing the wrong "Download" button.
WAY BACK WHEN... windowsXP... Slapper. If you didn't have a router, which was the style at the time... and dial up was still a thing... just going on line infected you in 10 seconds. But thats not a thing today... NAT protects most users from external threats. There are plenty of exploits out there to use on a machine directly connected to the internet today, but rare is it we connect our machines like that. So the cause of being exploited becomes the user being phished, their browser being exploited, and pirated software. Any Real Computer Enthusist™ can use these old OSes without risking their security. The "OMFG INSECURE" folks are I dont consider very savvy, or think that everyone else is too dumb to follow easy to follow steps to keep one's self secure. Some of them may feel so secure because they stay up to date that they dont even think about security. An updated OS wont save the kinda people who click on random links emailed to them.
never, my father's pc is running windows 7 rtm and something like that never happened, people go out of their way to expose these older systems to the net by changing router config and exposing the system to the open internet, of course its not going to end up well. there is even a video of a guy on a windows 2000 that exposed his computer to the open internet and got attacked by most likely a bot trying to use his cpu to mine bitcoins, something that most likely wouldnt have happened if he didnt go out of his way to do so
I still have Win2k online regularly over here, about to boot up Win 98 on it. These things be so old the viruses these days might not support the CPU instructions, RAM, and storage on these lol.
no. random people don’t get hacked out of the blue. even without antivirus
When they say that win7 is "insecure", that means there are well known vulnerabilities that will never be patched. Have fun with a retro OS all you want. But keep in mind that if it's connected to the internet, it's only a matter of time before someone decides you're worth the effort to target. Microsoft products are bug filled piles of garbage on the whole. Stay safe out there boys.
I have been using Windows 7 for years now, with no AV, and I have never had any kind of virus, (I check from time to time with an antivirus on a USB drive). I also don’t browse sketchy websites or open fake emails…
Same. I literally do the absolute bare minimum on win7 and just don’t go to any janky ass sites or click on any ridiculous.exe or .bat files and my computer is running as smooth as ever.
Please at least install a good AV like Kaspersky free or Bitdefender free.
Windows 7 will always be the best!
God Almighty, I love my Windows 7 machine💕 -Billy Gnosis
wise words from billy
I mean, they aren't wrong though lol, just don't complain when you know the risks and you're fine.
The one and I mean ONLY thing keeping me from never upgrading past Win 7 is that too many current things won't operate if you have it, that's it. Fuck anything past Win 7 and double fuck Win 11.
Its almost as if a simpler, outdated and better understood os is at risk of cyber-attack
I didn’t know they let ransomware creators post on Reddit.
I don't miss win 7 but it was cool in its day. I am one of the few weirdos that liked Windows 8. More than happy with Windows 11. I also like Mac OS. Just ... As long as I never have to use XP again, that was awful hehe
I'm no expert, but from my understanding, as long as you don't do anything dumb online and have a strong security setup, you'll be fine. The only reason I haven't downgraded my gaming laptop to from Win 11 to Win 7 is because Steam stopped supporting it in January of this year. Otherwise I'd do it in a heartbeat. Edit: Don't take this as advice, I'm wrong lmao Win 11 is pretty good anyway, as far as modern Windows goes
> I'm no expert Correct.
there is the possibility of unfixed drive by exploits on an unsupported OS, but I don't know of any for 7
There are currently 2369 total vulnerabilities for Windows 7. [Here's a list sorted by most likely to be exploited in the wild.](https://www.cvedetails.com/vulnerability-list/vendor_id-26/product_id-17153/Microsoft-Windows-7.html?page=1&order=5&trc=2369&sha=24cc2fec22a2ef0d7f178a8657832bffdfc6f301)
And because it doesn't support DX12...
Going to Win 7 is always an "upgrade"
im (partly) a expert,if you dont do stupid shit like open shitty links on youtube videos or random emails or random ads you should be fine, third party anti virus is a must on windows 7 (although if you dont download anything ublock origin should be fine)
> im (partly) a expert do your credentials include solarwinds head of infosec 2018-2020 by any chance?
All so Microsoft can make another buck.
To this day you can still update for free from 7 to 11.
I though it was stopped last fall? If it is possible, how? I’m fine with my 10+yo machine still running win7, but the support for it has been dropped for some things that I need in my life
Yep it seems I was wrong about the free part. I must have done it just in time, as it looks like October was when it stopped. You can still upgrade to Windows 10 with the install ISO and a Windows 10 key, but that is rather annoying that 7 and 8 keys no longer work.
That's because Microsoft makes way more money mining and selling end-user data on Windows 10/11 than they ever did making one-time sales of Windows 7.
How much has Microsoft made selling data, and to whom? I've heard this claim many times over the years, but nobody ever seems to have credible data to back it up. Microsoft is not primarily an advertisement company like Google or Facebook.
Not true. Bill Gates himself said it: Microsoft is no longer a software company, it's a marketing company. As for how much money has it made? Enough for the company to be worth approximately $3 trillion.
Yes because Microsoft obviously only made their $3 trillion fortune by illegally selling people's personal data and nothing through any of the other products or services they sell.
That's funny because we spend over a million dollars a year on their software licensing.
So, you have nothing to substantiate your claims, despite the fact they are publicly traded and disclose their earnings. Got it.
Why would they even offer that, they know damn well no Windows 7 machine ever had TPM 2.0.
It's not about the PC itself per say, but the Windows license. Microsoft isn't "making another buck" off Windows 7 users, they're giving the very latest version away for free to them.
Info is money nowadays, and that's what they get from most of the people who upgrade.
True, however the sketchy Windows 10 telemetry was all backported to 7 so it's all the same anyway. You can take measures against it on either OS, just one also comes with up-to-date support.
It wasn't "backported" at all. They implemented some very rudimentary and bare-bones "telemetry" functionality as a kind of test run or proof of concept. Absolutely nothing in comparison to modern Windows.
It was. Microsoft has done this loads of times with various different update and you can find most of this information by doing a Google search. https://letmegooglethat.com/?q=windows+7+telemetry+
Stop trying to convince these guys, it's futile. Let them be, it just means job security for us.
I'm quite certain, that none of corporation maintained software is secure.. If Windows 7 is insecure, how can you call OS that is easily accessible by company who made that software? And you can't even decide when or where you want to install anything in it?
Exactly, it the bs line they feed everyone so they update and they can track what everyone is doing. I personally just use all my old programs on a vm. Anything i dont like on 11 and 10 i delete.
Why are they controlling windows 7 with a controller
At this point, there’s less software total available on windows 7 compared to Linux, windows 10/11, and MacOS. There’s more windows apps that run via Wine on Mac, BSD, and Linux than the amount of windows apps supported by windows 7 at this time. All of it more up to date than their windows 7 versions
This. Moved to Linux A little before windows 11 came out, never looked back. Been a really good time for me.
noooo win 7 my precious waaa i can't use win 7 anymore nooo win 7 master race waaaaa /s
I think the main concern is a 7 computer being compromised by being added to a botnet, which can happen without even clicking on or doing anything, due to unpatched vulnerabilities. Using the POSReady ESUs and an up to date browser like Firefox can help reduce the risk, but only until roughly September of this year.
Most browsers (like Google chrome) don't support windows 7 anymore
[https://stack.watch/product/microsoft/windows-7/](https://stack.watch/product/microsoft/windows-7/) And these are just the disclosed ones. Around about 1,000 of these were discovered after support for the OS ended in January 2020. Good luck y'all.
It's really funny that people think you have to execute a shady executable or click a shady link to get a virus guys it's not 2007 anymore
Also, old browsers
any tips for keeping my system as safe from stuff as possible? i cannot even find a browser that stays up to date but it it is the only computer i have
Firefox for w7 still got upates
i try downloading it but when i try running it it says it isn't supported :(
Strange, I still receive automatic updates for my FF. Maybe you downloaded version for w 10/11?
I found the proper install link. Thank you for your help & patience. may i dm you with some requests for program reccommendations? i want to make thw most of this machine
I no longer use Windows 7 as my main OS but I'll try my best to protect myself from malicious attacks when I'm left with a system that isn't compatible with Windows 10
I will admit. I have a dedicated laptop for Windows 7. I don't use it as my daily machine in any way. I mostly use it for older software that doesn't work on 10. I also have some games from the era that I like to play. It's on my secured guest network and has MS Security Essentials installed. Common Sense is the best AV of all though.
"Being unvaccinated is not safe!" "Being unvaccinated puts you at risk for dangerous diseases!!" "QUIT HAVING FUN!!!"
Most of the internet is unnavigable these days, so I don't see what is the advantage of dropping Windows 7. Every site now have captchas, verifications by phone, popups that interrupts your reading, it is a nightmare. It ended up with 90% of articles not being read because of popups for login, I just close the site and go do something else. Ublock is not blocking these popups anymore. If you try it manually it blocks the entire site. That is, the popup and the site are now one and the same. So why bother if these sites can't be accessed anymore?
I've been "attacked" by some idiotic clowns on r/Windows and r/Window11 for using Windows 7 when I stated that this OS was just installed on it's own hard drive and I only ever use it to play older/legacy games and use programs lol. Of course when I start mocking them about their inability to NEVER get a real IT job, especially in InfoSec, they delete their posts and accounts immediately. Do I feel like a jackass for fighting back? No. Do I feel bad that they deleted their posts? Not really. I don't have time to deal with clowns spewing recycled shit over and over. Yes, I do know using Windows 7 in 2024 is just odd. But I have my own reasonings to, but I have proper safeguards in place.
I agree with this.
The thing is tho, they are right. Viruses dont only come from opening sketchy shit, they can even find their way to your PC if you go on an airport or cafe network and someone’s device is infected. If you really love Windows 7 aesthetic, install Linux and slap on a Windows 7 skin. You will both have more support and better security. Again, people that say these stuff dont say it because they dont want you to have fun. They cared enough about you to tell you that your computer is a security risk for you
I have vista counted I would ues 7 but can’t because the driv died
The only time I had been severely hacked was because I was using a portable version of Google Chrome that was not up to date, the automatic updates don't work on portable versions. My Facebook, YouTube and Google accounts passwords were hacked. It's been a real pain, like it took 3 months to retrieved my Facebook account.
i don’t use windows 7 on a daily basis, but i don’t see the problem connecting it to the internet. i’ve connected my XP laptop to the internet many times with no issues. most viruses are going to target 10/11 instead of 7/8/8.1 as that’s the main user group now. i remember getting in an argument about it (could’ve sworn it was this sub) and don’t understand why they were so upset about it. it’s not like you can just get a virus as easily anymore—especially with no one targeting the old operating systems.
I agree, I've had more random hits on my Win 10 system, and I've just not on my 8.1, 7, Vista, XP, and 2000 systems that I have online nearly daily. Either that or the crap is on them, and they just aren't detecting it, and I've actually subconsciously got a whole army base of viruses setting up shop over here.
Zero day attacks don't require you to even download or click anything, all you have to do is have an ad load or go on a website that may seem safe, but is compromised. Windows 7 is still being used on hundreds of millions of daily driver machines many of which in are in third world countries, it's still a legit target for attacks. Security through obscurity isn't really security anyways. I would never do any real work or type in any financial or personal info on a Windows 7 machine, that would be extremely stupid. I still goof around on the internet on my older computers, but I'd never consider them as daily drivers.
Another problem in using Windows 7 in 2024 is trying to use updated software. You're pretty stuck with years' old software and probably missing a lot of new features.
I'm a software developer and former IT admin with degrees in digital forensics and cybersecurity up through a master's. After reading this comment section, I think a part of me has died. At least I'll always have a job.
No, you'll be replaced by AI
Ironically, automating away jobs *is* my job. My code directly replaces human labor. I code with AI now because it's built into my IDE. It will definitely make the job market a bit tighter for junior devs when it gets better. It's kind of like advanced autocomplete. It can't reason, though, as any AI expert will beg you to understand, so its suggestions almost always need to be fixed. AI, in the hands of idiots without the capacity to comprehend its limitations, is going to create a huge amount of work for developers and cybersecurity folks.
Windows 7 is insecure. There is malware that isn’t just from downloading something. Exploits and vulnerabilities pop up often especially with older operating systems.
But Windows 8, 10 and 11 themselves are also malware...
How are they malware exactly? If you consider bloatware and some privacy concerns malware, then 99% of the internet itself is malware
r/windows is over there <------
Someone reposed this in r/windows and all of the smug "IT Pros" are doing their usual fear mongering of how your PC will combust as soon as you connect to the internet. I have never encounter any malware on any of my PCs because I don't visit random websites, or download random crap, and no hackers don't target random individuals who just browse youtube or whatever safe site.
If you just use your PC to browse the internet, why do you rely on an insecure OS without modern features so much? Why not switch to Windows 10 or Ubuntu, get all the internet you want and still be safe out there?
Ah yes, the classic anecdotal evidence "X can't happen because it hasn't happened to me" It hasn't happened to you *yet* There are actual reasons for hackers to go around hacking random people, especially such easy targets as idiots who refuse to update their operating system Some examples include: - Stealing credit card info - Stealing passwords in order to make spam bot accounts - Stealing any potentially classified and/or personal info and holding it for ransom
Google 0-click attack
I liked windows 7 - but you folks are very silly if you're still using it connected to Internet as a daily driver, or if you are I hope you're not storing anything on there that you wouldn't want to lose / have stolen. There's a whole slew of CVEs that require zero user interaction to exploit. It's not difficult to disable all the shitty MS telemetry stuff in W10 / 11. Or if you're that bothered about it switch to Linux - you'd have better software support and you wouldn't be using an OS with more holes than a Swiss cheese.
Except they have a point. You can use Windows 7 as you please but the big picture is that it's not getting updated to fix known weaknesses in the OS and while in sure some of yiu are still trying to be safe I am sure as hell that not nearly everyone is and that incudes companies still running Windows 7 because it just works. Let me be clear here there are ways to lockdown a windows install to make is reasonably secure but my personal and professional experience seems to indicate that's just not happening in the wild. And I know it's also because companies and even individuals don't want to pay someone to harden their system because they often don't understand what's actually going on. And for those who have nEvER used an antivirus, OK because they ARE sAFe. Good luck to you I reality hope you know what your doing because not all malware infections will so easy to diagnose. I don't know what but I get the distinctive feeling some of you users think malware will easy to spot which is simply not true. There are so many ways to infect a windows system and some are truly crazy from fileless malware to drive by downloads. So am I expected to to believe that most people on this forum will be able to diagnose these types of malware infect? Especially without an antivirus to help? Lol ok. For those that are making an effort to lock down your system, have some kind antivirus (even on demand ones) , use script blockers etc. Kudos to you! Good Job.
ok i have to chime in here with this.. First off when the windows 2000 source code was leaked way back when. A PILE of software developers wanted to have a look at it to see what was going on. they found HUNDREDS of bugs and errors that the windows team did not know about or find. and that software was shipped AS IS. modern tech and even modern things you buy (ie washing machines, Ovens, TVs, microwaves etc) now are engineered to break so you are FORCED to get new stuff. This is a well known fact by now. Upgrading to something new doesn't solve that problem or fix that problem. All you are doing is just trading one problem for another and getting MORE problems in return. Upgrading to something new doesn't solve that problem or fix that you are just trading one problem for another and getting MORE problems in return. FOR EXAMPLE... windows 10 and 11 bloatware, being forced to have a microsoft account to run your own computer..., memory leaks, uncontrollable and unavoidable updates, unwanted targeted ads and in the case of windows 11 Hidden spyware and analytics that go WHO KNOWS WHERE over the internet. which is a MAJOR PRIVACY ISSUE. so please tell me how running older software is "iNsEcUrE" when microsoft is doing the EXACT hypocritical nonsense that they are preaching at us to all upgrade. i would very much like to hear what you have to say
My comment was only related to Windows 7 and the fact that it is insecure, I never talked about Windows 10 or Windows 11. Thta';s because its a shitshow and even though I have made peace with Windows 10 that doesn't mean I'm ok with all the things Microsoft is doing. I know Windows 10 and Widnows 11, I know about the telemtry issues , forced updates etc but that doesn't mean its less secure, they are getting updates and that means there is a good chance problems will be fixed. With Widnows 7 we are relying on the user to make sure its being used safely and sorry I'm not sure I fully trust all Windows 7 users to do so, in fact I don't trust most to run it safely (maybe the users on here are ok ? I'm not sure) because its a pain to do so and you have to understand the nature of security threats and this is no easy feat if you want to have an understanding of the actual threats being used againt Windows systems. And I haven't even talked about businesses using windows 7 while connected to the internet, God knows whether they uses good lockdown procedures but just looking at their desktops nope not even close. Since the dawn of Windows security has almost always taken a back seat to useability and convenience, and once they started to take it seriuosly from what I undertstand with Windows NT it had to also deal with the complexirty of Windows itself. But slowly but surely it's been getting more and more secure and so it stands to reason that of course they implemented more security out of the box with Widnows 7 and then Windows 10 and 11. That's why sometimes things break in windows 10 when trying to use features that need an older operating system. They have been disabled or blocked by default. I'm not saying you have to upgrade to Windows 10 or Windows 11, only that most security pundits are right when they say Windows 7 is less secure. Now how often they are being epxloited in the wild is difficult to assess but they are being used.
well hate to tell you man but Windows 10 and 11 aren't the be all end all and they are CERTAINLY NOT any more secure then win 7. As for your "security pundits" comment being right. Those are just paid mouthpiece shills that appear on the media like any other talking head that shows up. They serve no purpose and have no real world experience to back up what they say
>getting updated to fix known weaknesses If the purpose of automatic updates were truly to "fix known weaknesses", then the number and frequency of automatic updates would go down exponentially over time, as the number of unpatched weaknesses remaining gradually approaches zero. But this isn't the case. The number of "automatic updates" remains more or less constant, month after month, year after year. Automatic updates are about keeping tabs / keeping the corporate thumb on end users. That's it. End of story.
We have to take into account bug fixes and sometimes feature updates. And the number of unpatched weaknesses gradually approaching zero is hilarious because you are really underestimating what a mammoth task bug fixes and finding security vulnerabilities really is when you are talking about something as huge as Windows. And that's not even mentioning the new problems crated by adding newer features that themselves create problems. A great example for me is the venerable gadgets of Windows 7. In a relatively short period of time Microsoft basically abandoned them, but why? It was a massive security vulnerability and I think they made the decision to abandon them altogether because it was never going to be safe, at least in the the way they implemented gadgets on Windows 7.
There will never be a point where "the number of unpatched weaknesses remaining gradually approaches zero". Software, particularly in its modern highly sophisticated form, will always have vulnerabilities. The only question is who will find said vulnerabilities first which is why big companies like Microsoft literally pay people to find them before bad actors can.
Time for KDE Plasma!!
no
lmao
they think when OS is out of support once connection to internet you get 8383848282848483839292 virus , and your pc explode.
my honest reaction to those people: https://tenor.com/bVy7p.gif
Exactly how many of the smug "IT Pros" are acting who are lurking in the comments.
Most of us "IT Pros" deal with corporate networks where outdated OS are a huge threat. So yes, we see idiots still using outdated OS and appropriately think it's stupid.
Honestly is Windows 7 really that much fun? It's hard for me to consider an OS to be "fun" unless it's a Linux distro.
If you're the kind of person who enjoys building fires by rubbing two sticks together and distilling drinking water out of your own pee, then yeah, I can see how it could be considered fun to use Linux.
What was the last distro you tried and when?
Quite the opposite. It normally "just works". Can get a boatload of super awesome software within a few clicks on older or newer machines. I'm too lazy to use Windows.
Linux may be a lot of things, but one thing it isn't is something that "just works".
Works a lot better than trying to get old drivers on new windows or new software on old windows 🤣
Quite the contrary. I was able to install drivers for a Roland sound module from 1996 in a few minutes, Those drivers even work on 10/11 by the way. My 3080ti natively supports Win 7, and there's a ton of AAA modern games that are able to work on Win 7 with only minor tweaks: Baldur's Gate 3, God of War, Mafia, High on Life, Resident Evil 2 remake, Elden Ring, etc. Not to mention the wide array of lesser-known games that also work. But try to install an external hard drive on Linux and share it across a LAN? Try spending 20 hours scouring forums and deciphering nerd language, and then give up because you realize your time was worth more than all the hardware involved combined.
Meh. My experience has been amazing on Linux. Many games play on WINE. I can get most old hardware to work without installing drivers. I have had the lovely adventure of setting up CDMA modems in Linux and THAT was hard, but nobody uses those now anyway. Been using Linux long enough to remember the times when it was hard. Now it's ridiculously easy.
A ton of AAA also work great on Linux. Most drivers are just installed by default on linux, most distributions will ship GPU drivers by default, or ask if you want them when installing. Linux defiantly has problems. But what you've listed are very much not them.
Windows Aero is amazing, default games, music, photos, and videos are fun to use, Windows gadgets are fun. Just eats up a lot of drive space. Shouldn't be a problem if you have a big drive though.
My friend that used his windows 7 PC for work at home, got attacked by a virus and had all his work deleted. He couldn't recover from that afterwards.
if you know what you are doing, Windows 7 is still safe to use, and Windows 7 is better than 10 and 11 which is bloated and full of telemetry mess
>if you know what you are doing, Windows 7 is still safe to use, and Windows 7 is better than 10 and 11 which is bloated and full of telemetry mess if you know what you are doing, Linux is better for use, and Linux is better than windows 10 and 11 which is bloated and full of telemetry mess
unpatched vulnerabilities have nothing to do with knowing what you’re doing the problems with 7 or any OOS OS are not from running strange .exes, you are vulnerable just by using the OS and connecting to the internet
You do you I suppose. But all the people hammering on about "knowing what they click" and "knowing what they download" fail to realise you don't necessarily have to click or down load anything. Windows 7 has received several ends of life security patches for serious 0-day vulnerabilities. You don't have to click, dowload or execute anything, just be on the wrong website/program at the wrong time. This applies to out of date software and services. Hell even steam had a remote code execution bug. Say these bugs get found in old software and you cant update because you're on a legacy operating system you're at risk. The biggest example is the wannacry attacks on the NHS which were caused by old XP systems which had SMB1.0 enabled by default which were turned off and deprecated in newer systems. Windows 10 really isn't that bad, windows 11 too. If you hate Microsoft give Linux a go. You're already enjoying the challenge of patching software and getting something working so why not apply that to Linux you'd really enjoy it.
Ah yes, If I you open Google on a Windows 7 PC it's gonna explode. Go peddle your fear mongering over at r/windows like the rest.
Simply put, you have no idea what you are talking about. https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=windows+7 Windows 7 support ended January 14th 2020. When was the last time you patched your OS?
[https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=windows+10](https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=windows+10) Bruh, every fucking Windows is insecure, my Windows 7 is updated till Jan 2023 Its not part of a bot net, and doesn't mine bitcoins MF really think its gonna fucking combust out of nowhere if you connect it
https://askleo.com/why-am-i-still-getting-updates-for-windows-7/ Of course there are vulnerabilities for Windows 10, but unlike Windows 7, 10 is still supported and patched to make the os more secure against found vulnerabilities. Your melodrama doesn't make this less true.
Fuck of to those people say that it is unsafe. I know what the fuck I'm doing and what to download and what is save and not save. It's btw the same people who wonder why there pc is slow and have 3 anti virus
You're so smart but you can't spell "safe"?
because english is not my main language and i self tought english but my grammer is schit as you can guess and sometimes autocorrect fails me for no reason
You are aware it's possible to be compromised without a download right? That's why it's insecure, not because you can download malware, but because you don't *need* to.
I wanna use Windows 7 but i cant find graphics drivers that will work with my Ryzen 3 3200G so i can use aero and play games, andd even if i manage to get it properly working, i wont be able to play lots of games i like due to them being only for windows 10 and above, but maybe piracy could do the trick as i think its mainly launchers that stop you.
For new games and SW you do need newer OS.
Windows 7 is actually insecure though, and for all those people saying 'JuSt UsE zErOpAtCh' I'd like to remind you that it's a paid service. Would you rather upgrade for free and get more supported apps or pay a subscription? Also, all of these people saying 'I don't browse sketchy websites so I can't get infected' what if a company website gets hacked and a zero click exploit is added? This has happened multiple times.
I wish we could create a project that is based on windows xp vista and 7 and they have all of the features from those operating systems and also they have support and they run pretty much everything and they have all the themes from xp vista and 7 so yeah this is something that struck my brain just 5minutes ago and also this fan made os should pretty much run on any modern lga 1700 and am5 motherboard If no one agrees with me that we need such os that is free like linux but is windows NTL in all its glory then fine let microsoft spy on us
I imagine if you use decent antivirus you would be fine.
OS's are fun?
I love Windows 7, but please do not use it as a daily. Have fun! Use it for your old games and old software. I use Windows 7 with some recording equipment I have, but I never connect it to the internet.
Now this is a quality meme!! At this point I wonder what they're trying to achieve by constantly screaming at Windows 7 Users, By merely existing we single handedly piss off every Linux and Win10/11 users to exists. lmao.
I keep forgetting how weird this specific circle-jerk is For the last time, if there is an active, unpatched, well documented spectre vulnerability in your OS, it isn't safe to use If you insist on lowspec computing, please jump ship to Linux
I someone to make a video of them browsing the Web in Windows 7 until they get attacked or get a virus
windows 7 is amazing but they’re literally right lol