Windows 7 RTM Support Ending Soon

jones_supa writes with this news from Ars Technica: "Windows 7 users will have to install Service Pack 1 if they want to continue to receive security fixes and other support beyond April 9th. With the release of a Service Pack, Microsoft's policy is to support the old version for two years. Windows 7 Service Pack 1 was released on 22nd February, 2011, so the phasing out of support is happening more or less on schedule. In spite of a growing number of post-Service Pack 1 fixes and updates, Microsoft has shown no signs of shipping a second Service Pack. Should Service Pack 1 be the sole major update for Windows 7, it will continue to receive mainstream support — which encompasses both security updates, non-security bugfixes, and free phone support — until 13th January 2015. Extended support — security fixes and paid incidents only — will continue until 14th January 2020."

you are an idiot

[arbiter1]

If you don't have service pack 1 installed you are an idiot anyway to run a non-updated system.

Re:you are an idiot

[kthreadd]

Well just because you're on Windows 7 RTM doen not mean that you're not updated. Windows 7 RTM receives security updates since it is still a supported version of Windows 7, but you should install SP1 in order to keep receiving them after April 9. Windows 7 RTM and Windows 7 SP1 lives side by side in parallel, and the release of SP1 did not mean that RTM stopped receiving updates.

Re:you are an idiot

[UltraZelda64]

And I always thought "service pack" was just Microsoft slang for "patch roll-up." Apparently I was wrong. In this case, I don't see why Microsoft continues to develop two separate lines of what is basically the exact same OS, patch by patch. Sure, help the businesses that want time to test... fine, but it's still stupid to maintain two bases for so long, when they are essentially the same damn thing. It's more likely that third party programs are going to fuck up on you, and in my experience that does seem to be where the problems often lie.

Re:you are an idiot

[hairyfeet]

Why is this flamebait? Do you know how many security patches are in the average Windows SP? I'm sorry but anybody who has waited this long and not applied SP1 is indeed an idiot because every script kiddie on the planet uses those patches and SPs to reverse engineer new exploits specifically targeting fools that don't update the thing.

That said just because you need to apply an SP or a shitload of patches doesn't mean you have to do it the stupid way, not when there is WSUS Offline which will let you download and unattended install the service pack AND all the patches AND all the .NET updates AND any MS Office SPs and updates from 2K3-2K10 AND update DirectX AND Silverlight AND Windows media player AND Ineternet explorer, all at once and unattended. Granted if you are doing a clean install of RTM you'll probably have to run it twice of be sure to turn off UAC until you are done as it can't reboot and re-run itself with UAC on but for all the benefits of having everything done automatically while you go have lunch its well worth that tiny bit of effort.

So there really is no excuse as between WSUS and Ninite for all your third party stuff unattended, like flash, hulu, your choice of several browsers and AVs, etc you can take a bare drive and have a fully loaded fully patched Win 7 system in less than an hour and a half with you only being required for maybe 5 clicks all told, everything is taken care of.

So I'm sorry but the parent is right, anybody that doesn't install SP1 is an idiot, they might as well turn off their firewall and take their unpatched IE and start surfing dodgy websites because they are frankly asking for it.

Re:you are an idiot

[jjjhs]

Microsoft releases countless hotfixes for bugs for Windows that aren't released through Windows Update. They maintain separate branches, one is just security fixes that you get in Windows Updates and one is cumulative bug fixes that also includes security fixes (QFE) but you have to visit the particular KB article to download (in some cases request for free). Windows Update is smart, if you download the bug fix + security fix (QFE) it knows to install a newer QFE version of the file. Service packs incorporate bugs fixes AND security fixes, and maybe native support for more hardware. A lot of people don't know they need a particular bugfix for their hardware combo. All they know is Windows crashes, "Micro$oft sux" and Steve Jobs is God and shat gold.

Re:you are an idiot

[kthreadd]

A service pack will often include some new features, and has actually sometimes removed features. For example Windows XP SP2 removed the support for raw sockets. A service pack can introduce braking changes. That's why there is a fairly large overlap between the old and new service release.

Re:you are an idiot

Windows 7 RTM is NOT unpatched. It receives security updates just like any other supported version of Windows. See above discussion. If you read TFA you see that what it's all about is that RTM will soon no longer receive those updates.

Re:you are an idiot

[jones_supa]

A service pack can introduce braking changes.

A reason to not run Windows in moving vehicles...

Re:you are an idiot

[Dunbal]

Yup, I mean preaching about not being able to get updates to people who haven't updated their system is a bit - redundant.

Re:you are an idiot

[egamma]

If you don't have service pack 1 installed you are an idiot anyway to run a non-updated system.

There was almost zero benefits in SP1 for the average home user. Users can install all the needed security updates separately; in fact, this is often recommended, to reduce the size of the service pack download. Win7 received SP1 because Server 2008R2 needed the contents of the service pack.Here's what's in it for Win7:
Additional support for communication with third-party federation services (those supporting the WS-Federation passive profile protocol)
Improved HDMI audio device performance
Corrected behavior when printing mixed-orientation XPS documents
Change to behavior of “Restore previous folders at logon” functionality
Enhanced support for additional identities in RRAS and IPsec
Support for Advanced Vector Extensions (AVX)
Improved Support for Advanced Format (512e) Storage Devices (devices with 4kb physical sectors)

Re:you are an idiot

[TimothyDavis]

I can add some clarity to this.

When Windows reaches RTM, the ownership of support is handed off from the Windows team to the Windows Sustained Engineering (WinSE) team. Two code branches are opened up for creating QFEs, a Limited Distribution Release (LDR) branch, and a General Distribution Release (GDR) branch.

The GDR branch is used for updates that are going wide to all users, which include security updates and high impact updates. Depending on the severity of the QFE, it might be posted to Windows Update as a security update, or alternatively it would be provided to OEMs to preinstall on shipping systems to resolve a specific issue.

The LDR branch is used for updates that aren't going to be distributed to a wide audience. This might be something like a QFE that fixes a bug that some enterprise customer is seeing, but doesn't have much applicabilty to the majority of Winodws users. Microsoft doesn't want to distribute an update like this wide, because there is a risk that it will cause regressions for other users. Every update in the GDR branch is also put into the LDR branch, because ultimately the user is going to be running a single instance of the binary file, and so it better have all of the security updates included if it is going to also fix issues of lesser importance

When you go to Windows Update and install a QFE, the package that you install usually contains at least two versions of the applicable binaries: One from the LDR branch, and one from the GDR branch. The hotfix installer will look at what is currently on system, and if you have the LDR version of the binary already installed, the hotfix installer will update with the corresponding LDR binary. The effect is that once you install an LDR update, you are now on the LDR branch for that binary for all future updates - that is, until the next service pack release.

The service pack is a release that includes all updates from the LDR and GDR branches rolled up into one major release. Pre-release versions of service packs are provided to enterprises for testing, and to see if any of the updates that were put into the LDR branch break anything. This gives the enterprise and Microsoft time to address the issue and fix it for the final service pack release.

Since not all enterprises participate in full testing of the service pack, there may be things that end up in the final version that can break things. This is why Microsoft will continue to support the pre|prior service pack release with security updates for a time, so that these issues can be resolved. At some future time, the pre|prior service pack becomes no longer supported, which is what TFA is all about.

looks like

2015 - year of the linux desktop

Re:looks like

[slashdot_commentator]

Of course, no one is going to notice, since everyone will be using cloud computing accounts.

Re:looks like

[crutchy]

lucky for them much of the cloud is powered by linux

Re:looks like

[SST-206]

when i read "windows rtm" the first thing that came to mind was "read the manual"

The manual? They'll be expecting us to RTFA next! ; )

Re:looks like

[Patch86]

By 2015, I'm hoping to have my Cloud 2.0 business off the ground.

It'll be much like now, only with more Flash.

Re:looks like

[crutchy]

"year of the linux desktop" has been an inside joke for years, but a decent chunk of the modern world depends on linux already (often without even realising it), which is why i would argue that "year of the linux desktop" doesn't even really matter because linux has already made its mark and is increasing its domination

microsoft and apple may win their little battles, but linux has the war beat with one hand tied behind its back

policy of cloud usage is a problem, but i think the problems can be solved. i also think that problems are much worse in the united states than they are elsewhere because of privacy and security concerns from laws like patriot and the ndaa. i also think as the technical issues of cloud migration are settled, we will probably see a lot more smaller hosting startups because of access, trust and liability requirements for businesses. the availability offered by industrial data centers obviously has advantages, but there are a lot of supposed "five nines" availability providers that rarely actually live up to that but customers still pay a premium.

(groan)

[c0lo]

Now, look, MS... I don't know what's in your mind lately, by I get better support from other operating systems.

Re:(groan)

[kthreadd]

Windows 7 SP1 has been out for nearly three years now. That's a very reasonable time to update, especially since the update is free to Windows 7 RTM users and in general should not break any software compatibility. So I don't get what the problem of dropping support for RTM would be.

Re:(groan)

[hairyfeet]

But you and everyone else is ignoring the elephant in the room, the same one that causes me to this very day to have infected system cross my desk that are still running XP SP2, and that is piracy.

The reason why so many unpatched Windows systems exists is because the pirates kill Windows Updates for fear that their pirated system will get flagged for WGA. Now this is a case where I can't blame MSFT, you can buy an OEM copy of Win 7 Home for around $100 which equals just $14 a year for the life of the OS, so there really is no excuse but being a little shop owner you'd be surprised how many systems you find in yard sales or being sold on CL has Windows Ultimate with updates turned off. Its kinda sad how obvious these pirates are, when you see a system with some old cheap hardware like a Pentium D running an OS that costs 4 times what the system did? Yeah you can be pretty sure its the "Razr1911 Edition" they are using.

But considering the only systems I don't see patched after SP1 was released nearly 3 years ago is pirate systems I just can't blame MSFT for dropping support as pretty much all that is left without SP1 is the pirates it seems.

I think I can make it

[tsotha]

I think I can make it to the next bearable version of Windows, assuming they keep following the "every other version is crap" strategy. There's no way I'm every going to buy the mobile operating system they've released for my desktop.

Re:I think I can make it

[lennier1]

In the meantime, there are always tools like http://www.wsusoffline.net/ to roll one's own Service Pack 2 in case a new install becomes necessary (English introduction is below the German one).

Re:What exactly is a Service Pack?

[CodeheadUK]

A service pack is a roll up of all the important and critical updates into one big package. You can apply a service pack to any install to bring it up to that patch level without going through the intermediate stages.

The service packs are often slipstreamed into install media to produce a (fairly) up to date install right off the disk.

Where is goddamned service pack 2

[AbRASiON]

I'm one of those "sympathisers" here who doesn't loathe Microsoft.
Hot damn though, anyone here who does install Win7 SP1 regularly (as I do) there's about 2 to 300mb of patches and at least..70 or so of the bastards, they take forever to install as well (disk thrash)

For goodness sakes, just release SP2 already you bastards.

Re:Where is goddamned service pack 2

[lennier1]

Mentioned it above, but just use http://www.wsusoffline.net/ to roll your own WP2.

Re:Where is goddamned service pack 2

[hairyfeet]

Nope it only downloads them ONCE and that is it, you can do a thousand installs from that one WSUS Offline install. I keep it on a shared drive with every SP and update from XP-Win 7 and thanks to WSUS this includes the MS Office SPs and updates, .NET installs and patches, WMP and IE patches, all in one simple shared folder. I can even tell it to say "just make me an installer with all the Win 7 patches along with MS Office 2K7 and all the extras and put it on this flash stick" and it'll do so, great little tool to have. And when you run it its all unattended, no having to click each update, and if you turn off UAC while it runs it'll even reboot and do a double check just to make sure there aren't any later patches you need that have to be installed after the SP1 reboot, just handy as hell if you need to install Windows clean.

Of course since I have every version of Windows I see in the shop plus every version of MS Office I see plus all the goodies that shared folder is now 11.3GB but considering I can have it copy just the patches I need for what I'm working on and drive space is cheap i honestly don't care, all that bandwidth used for updating a clean install of Windows is saved so its well worth a lousy 11.3GB on a 500GB shared drive to me.

Re:Where is goddamned service pack 2

[mcgrew]

I'm one of those "sympathisers" here who doesn't loathe Microsoft... For goodness sakes, just release SP2 already you bastards.

My head just asploded.

Just use dism.exe

[benjymouse]

Use dism.exe. It will let you capture freshly installed machine - even with installed applications - back into an install image, i.e. slipstreaming. From the install image it will work exectly like the original image, only it will have all of the installed service packs, updates and patches already installed.

Re:What exactly is a Service Pack?

[slashdot_commentator]

A service pack is a form of configuration management. Think of every binary in the Windows operating system as a program with a version. Microsoft wants to encourage developers to support the latest version of their patched OS. That is, of course, feasibly impossible, especially when some developers are confronted with major behavioral change in one OS program update that their application is dependent upon. So having a "blessed" minimal collection of binary versions makes Microsoft only responsible for those versions. It then becomes incumbent for the developers to make sure their application works to SP1 versions of all those OS programs, and the developers cease to be responsible for making their app work with the original OS binary/daemon that was released with the Windows 7 rollout. (And yes, this is a descriptive simplification of the issue.)

There is more going on with a service pack than just throwing together the latest version of each OS binary. Yes, I wish Microsoft would put out an SP2 already, even if they want to commit corporate suicide by abandoning Windows 7 to get customers to move to Windows 8.

Re:What exactly is a Service Pack?

[Gadget_Guy]

Just like a recent Linux kernel might be at say 3.7.8, ie... so Windows 7 SP1 is 7.1 and the concept of is unused by Microsoft?

No, The Windows kernel does have the concept of <major>.<minor>.<increment>, but it is not the same as the OS version. The version of Windows kernel on the netbook I am using now is 6.1.7601. To the general public, this is Windows 7 (Service Pack 1). It is like how Linux Mint 14 does not use Linux kernel version 14

5 hours

[dshk]

I recently installed Windows 7 on two machines. It took 5 hours on both machines to download, setup all patches. It restarted itself about 15 times. The Windows update process is ridiculous.

Easy win for Homeland Cybersecurity

[mattr]

The easiest thing Homeland Security can do is to force longer, deeper penetration of the latest security fixes for all consumer operating systems.
It's amazing to me how anybody could feel comfortable applying 300mb of fixes. What the hell is in there that fixes security?
1) Mandate absolute transparency and allow user to select downloading and installation only of security-critical code.
2) Force manufacturers not to add in anything else to those portions that are really security-critical.
3) Create a list of vulnerabilities that is updated daily, and grade operating systems against whether they have fixes for them. If they believe in obscurity they must still give a code-name for the vulnerability and security researchers must be told what they mean, show the code and allow them to vet how well the vulnerability was fixed. An automated scoreboard and forum could be developed that aggregates the results of this distributed attack on peevishness by companies like microsoft and oracle who leave huge numbers of fixes unpatched until a good PR moment.
4) Force manufacturers to continue providing fixes (security patches only) to all users. It is not reasonable to allow the majority of the market to become a time-bomb and individual businesses, private users are held hostage.
5) In the case of an open source / community developed distribution, provide the same guidelines and services as is done by Homeland Cybersecurity for commercial vendors, however forcing a community is impossible. Instead a community or a manufacturer (like RedHat) can at least be graded on its response and the availability in an open repository of the required fixes.
6) Do all this for applications, libraries and drivers, not just operating systems.
7) Do this for routers
8) Do this for websites.
9) Define security and the maintenance of security as a process requiring transparency by manufacturers in order to encourage users to adopt patches and make them easier to download.
10) Provide help, guidance and code to community distros and programming teams who can choose to use it, which will make it easier to more frequently issue security patches. It should be a lot easier for users (even on linux) to maintain an up to date system without worry of something breaking or being unable to back up settings, data, etc.

The responses of Microsoft and Oracle to the security realities confronting their customers is pathetic, medieval and takes advantage of general apathy and cluelessness. The result is a never-ending pool of machines vulnerable to every attack to appear in the wild.

This would remove a huge amount

Re:Speaking of idiots

[hairyfeet]

Oh please i know EXACTLY who the patches is for, I support SMBs and they are some of my best customers so I've been there, done that. That doesn't change my point that its going on 2 YEARS, if they haven't come out with a migration plan after testing it on a test bed by now? Then they aren't going to, no point in MSFT wasting time supporting them. After all how many businesses are still running XP which has several security weaknesses like its desire to always be run as admin that just can't be fixed? is MSFT supposed to support that OS for another decade because some corps are too lazy to do testing in a reasonable amount of time?

If you haven't moved by now I'm sorry, you deserve what you get. hell if a little shop like mine could test SP1 on all my SMBs and get it rolled out over a year ago there really is no excuse for a fortune 500 company with a million times more resources than I'll ever have not getting it done by now, no excuse at all. If they want to run without patches? that is their business but MSFT doesn't have to support lazy and giving 2 years of support is more than enough to make a migration plan and do testing, i don't care how big a business you have. Now if they have screwed IT's budget so damned badly they can't even get it done on a TWO YEAR timetable? Frankly that company has bigger problems than patches, like all the gaping security holes they have because their overworked and underpaid IT dept simply can't keep up with the threats of 6 months ago, much less now.

But nothing you said invalidates anything i posted, everybody had 2 years to test and deploy and if they haven't done it after 2 years time? Sorry but they deserve what they get as even the slowest corp should have been able to pull it off given the huge amount of time they had.

Re:What about XP?

[the_Bionic_lemming]

I'm not going to go to win7 or the disgusting win 8.

Thanx to Steam, I am now posting this in Ubuntu and downloading a new game.

I'm looking forward to learning all about Ubuntu :)