Blocking Windows 7, 8.1 updates for Kaby Lake, Ryzen chips appears imminent

Enlarge / A Kaby Lake desktop CPU, not that you can tell the difference in a press shot. (credit: Intel)

A recently published Knowledge Base article suggests that Microsoft is going to block Windows Updates for owners of the latest Intel and AMD processors if they try to run Windows 7 or 8.1.

Last year, Microsoft announced a shift in the way it would support Windows. Going forward, new processors, including Intel's Kaby Lake and AMD's recently-released Ryzen, would require the newest version of Windows. Users of Windows 7 and 8.1 would be out of luck, with Microsoft having no plans to support the new chips on the old operating systems.

Skylake was originally going to be included in this policy, too, but Microsoft partially relented, switching instead to a policy of providing only security fixes for Skylake systems running Windows 7 and 8.1. This makes no practical difference for Windows 7, since that is in extended support already. Software in extended support only receives security fixes, and Windows 7 will continue to do so until 2020. In principle it means that Windows 8.1 users might miss out. That operating system is in mainstream support until January 2018, and during mainstream support Microsoft can potentially deliver feature improvements and other non-security updates. In practice, this is unlikely; Windows 10 is the only operating system receiving any meaningful feature development now, with Windows 8.1 only likely to receive security fixes from now until its end of support in 2023 anyway.

Read 3 remaining paragraphs | Comments

Blocking Windows 7, 8.1 updates for Kaby Lake, Ryzen chips appears imminent

Enlarge / A Kaby Lake desktop CPU, not that you can tell the difference in a press shot. (credit: Intel)

A recently published Knowledge Base article suggests that Microsoft is going to block Windows Updates for owners of the latest Intel and AMD processors if they try to run Windows 7 or 8.1.

Last year, Microsoft announced a shift in the way it would support Windows. Going forward, new processors, including Intel's Kaby Lake and AMD's recently-released Ryzen, would require the newest version of Windows. Users of Windows 7 and 8.1 would be out of luck, with Microsoft having no plans to support the new chips on the old operating systems.

Skylake was originally going to be included in this policy, too, but Microsoft partially relented, switching instead to a policy of providing only security fixes for Skylake systems running Windows 7 and 8.1. This makes no practical difference for Windows 7, since that is in extended support already. Software in extended support only receives security fixes, and Windows 7 will continue to do so until 2020. In principle it means that Windows 8.1 users might miss out. That operating system is in mainstream support until January 2018, and during mainstream support Microsoft can potentially deliver feature improvements and other non-security updates. In practice, this is unlikely; Windows 10 is the only operating system receiving any meaningful feature development now, with Windows 8.1 only likely to receive security fixes from now until its end of support in 2023 anyway.

Read 3 remaining paragraphs | Comments

Well-funded doesn’t mean well-secured

Three of my four children are of school-going age. When they arrive home in the afternoon, the youngest usually makes a dash for the games console, the middle one is tired to the point of being miserable, and the eldest announces herself loudly, wanting to share every detail from her day with anyone who will lend an ear. The only thing they all seem to have in common is that they are hungry and want dinner.

While I’m the type of parent who makes the children fish-finger sandwiches and declares them fed, my wife prefers to serve a lavish five-course meal. In the past, she would often customize meals to meet each child’s individual taste and preference. After a while, I had to put a stop to it.

“This isn’t a restaurant!” I declared one afternoon. “We can’t make three or four different meals every night. When I was young, I didn’t have a choice. I had to eat what I was given, or else sleep hungry!”

While cooking only one meal doesn’t make all the children happy all the time, no one goes hungry, and it tremendously simplifies both food shopping and dinner time.

IT security purchasing mistake

How does all of that relate to cybersecurity, you might ask? Well, unfortunately, we see many enterprises consistently fall into a similar trap as parents when it comes to their IT security purchasing strategies.

Each business unit, division and purchasing code is like a different child with unique preferences. One area demands host IDS, another wants net flow analysis, while yet another needs threat intelligence. It’s a jumble of requests, and in an attempt to appease everyone, companies can quickly find themselves layering tools upon tools in their environment with little or no integration. This creates not only an expensive situation but also one in which discrete technologies operating in silos end up offering little security overall.

It’s not the case that many breaches are caused by companies lacking the funds to purchase, install and run products. Rather, it’s that they lack a well-defined and integrated security strategy. In other words, a well-funded organization does not necessarily equal a well-secured organization.

Security technologies operating in silos are destined to fail.

Security technologies operating in silos are destined to fail. Every product and tool generates its own sea of noise that over-burdened analysts need to sift through – making it easy for them to miss alerts. This approach also hinders the overall security management process because a disjointed environment makes it difficult to extract or apply any meaningful threat intelligence and makes it nearly impossible to gain full visibility or undertake any form of orchestration.

3 tips for an integrated, security technology strategy

Below are three tips that can help companies develop and implement an integrated, security technology strategy despite ever-present challenges, such as disparate business units with varying priorities.

1. Define security objectives

With so many security technologies to choose from, it’s easy to be swayed into making a purchase by a compelling feature and then find a problem for it to solve. But having a security strategy that covers fundamental needs will help define what objectives your company is trying to achieve.

Taking input from risk appetite and threat models, and then combining all of this information, can put purchases into perspective. If the technology you are considering doesn’t align with your security strategy, then it is not worth buying – no matter how dazzling its features sound.

2. Make use of security technology you have

By looking around and getting creative, you may be surprised at how much existing technology can be leveraged to meet previously defined objectives. Ripping out and throwing away an established technology can be a painful process. Instead, look for ways that existing technology can be integrated into a larger workflow. This can often be easier and cheaper than buying a new product.

3. Pre-integration is better than post

The latest and greatest point technology may be the best thing since sliced bread, but it comes with the hidden cost of having to integrate its data into your existing infrastructure. Buying from vendors that have integrated multiple capabilities into one balanced offering can result in faster deployment, easier operation and greater return on investment.

Having a plan and sticking to it by trying to gain more value from existing products, or choosing integrated products with a broad range of features, may not sound like a recipe that will keep every division and business unit completely happy all the time. However, just like a well-balanced meal provides all necessary nutrients, a strategic approach will help companies achieve comprehensive security that is sufficient for their needs and, more importantly, will keep them protected.

 

This article was written by Javvad Malik from NetworkWorld and was legally licensed through the NewsCred publisher network. Please direct all licensing questions to [email protected].

The post Well-funded doesn’t mean well-secured appeared first on McAfee Blogs.