German government to pay Microsoft $886,000 after failing to upgrade from Windows 7

[midian182]

Recap: On January 14, Microsoft ended its extended support for Windows 7, meaning businesses and education customers sticking with the aging OS have to pay for extended security updates (ESUs). One of these users is the German government, which must pay Microsoft at least $886,000 after failing to upgrade to Windows 10.

According to German media, the country’s federal government still has 33,000 workstations running Windows 7. To keep receiving ESUs, it must pay Microsoft a fee for every device—and it’s not cheap. The price is dependent on what version of Windows 7 is being used. During the first year, those using Windows 7 Enterprise will pay $25 per machine. This doubles to $50 in the second year and goes up to $100 for the third year. Staying on Windows 7 Pro is going to cost even more. ESUs start at $50 before going up to $100 in year two and $200 during year three.

German newspaper Handelsblatt reports that the government started the process of moving to Windows 10 back in 2018, but hasn’t been able to upgrade every workstation in time. It adds that 20,000 of the 85,000 machines in Berlin government offices are running Windows 7.

The German government isn’t the only organization behind schedule when it comes to migrating to Windows 10. A report from last year revealed that many industries were taking too long to upgrade.

According to NetMarketShare, 32 percent of Windows users are still on Windows 7, which works out at over 100 million machines. And this is despite Microsoft recently rolling out full-screen prompts advising people to upgrade to Windows 10.

Permalink to story.

https://www.techspot.com/news/83658-german-government-pay-microsoft-886000-after-failing-upgrade.html

 

[quadibloc]

Microsoft should have written Windows 7 correctly, so that it had no security flaws. They should be legally obligated to support every release with security updates forever, all the way back to Windows 3.11 (the first one to include built-in Internet access).

 

[texasrattler]

If that was required, that would apply to Apple n Google. They wouldnt agree to it.
In the end it is just business. 7 had its time n they moved on from it just like anything is done in this world. nothing is ever supported forever.

 

[Squid Surprise]

Microsoft should have written Windows 7 correctly, so that it had no security flaws. They should be legally obligated to support every release with security updates forever, all the way back to Windows 3.11 (the first one to include built-in Internet access).

It's simply not possible to enforce that... and for a government, less than $1,000,000 is NOTHING! Governments waste more than that every day

 

[Nobina]

Microsoft should have written Windows 7 correctly, so that it had no security flaws.

Is this a bait?

I guess Windows 10 is so **** whole countries are willing to pay millions to avoid it.

 

[BigRedPDX]

Is this a bait?

I guess Windows 10 is so **** whole countries are willing to pay millions to avoid it.

I think it is troll bait. Security updates are consistent to stop the next round of attacks. There's no one security update fixes all and makes all impenetrable. It has never been that way. Win10 has a lot of bugs, but any different than the beginning of Win7? Win7 was a nightmare to switch too. Networking issues galore, glitches with file explorer, etc. Software is, as software does.

 

[MasterMace]

I hope the German government swings the hammer wide when Security flaws are found to have not been fixed despite the payments.

 

[Bullwinkle M]

It's simply not possible to enforce that... and for a government, less than $1,000,000 is NOTHING! Governments waste more than that every day

I know that it "IS" possible to enforce that!

I run Windows XP-SP2 online without any Microsoft security updates without any problems

Microsoft could simply have made a firewall that actually blocks EVERYTHING by default except the web browser (anything but explorer)

Block all the major threats by not allowing Java/Flash/Silverlight/Net framework/Adobe reader and a few others

Lock down the system so that the only way in or out is through the browser and the only way for malware to come through the browser is for the user to do something stupid

Make the boot drive Read Only and save all your Internet crap to D: drive!

I've had Windows XP running ONLINE without ANY malware problems for several YEARS
It has NEVER had a problem with any type of Ransomware

I have not had a blue screen of death in more than 10 years

When you finally get it right, make a backup and it's right for good!

If I can do it, why can't Microsoft?

Like XP, Windows 7 should not be used for passwords / online banking or keeping sensitive info on the drive, but when locked down properly, it is far better than Spyware Platform 10 for daily/generic Internet use

 

[Theinsanegamer]

I know that it "IS" possible to enforce that!

I run Windows XP-SP2 online without any Microsoft security updates without any problems

Microsoft could simply have made a firewall that actually blocks EVERYTHING by default except the web browser (anything but explorer)

Block all the major threats by not allowing Java/Flash/Silverlight/Net framework/Adobe reader and a few others

Lock down the system so that the only way in or out is through the browser and the only way for malware to come through the browser is for the user to do something stupid

Make the boot drive Read Only and save all your Internet crap to D: drive!

I've had Windows XP running ONLINE without ANY malware problems for several YEARS
It has NEVER had a problem with any type of Ransomware

I have not had a blue screen of death in more than 10 years

When you finally get it right, make a backup and it's right for good!

If I can do it, why can't Microsoft?

Like XP, Windows 7 should not be used for passwords / online banking or keeping sensitive info on the drive, but when locked down properly, it is far better than Spyware Platform 10 for daily/generic Internet use

So lock down and limit your OS's functionality like an arch user running a custom distro?

Gotcha. What makes you think such an OS would ever be popular with end users? End users like to open PDFs, and dont understand enough about windows to set up a read only drive and a read/write drive. Not to mention, you are running an OS with a browser that has known security flaws, which havent been patched because no web browser supports the ancient XP anymore, so its only a matter of time until your *safe* machine is compromised.

Interestingly, my windows 10 box doesnt need to be locked to the ground to prevent it getting pwned, unlike your XP box. Why do you believe your solution is superior again?

 

[Bullwinkle M]

So lock down and limit your OS's functionality like an arch user running a custom distro?

Gotcha. What makes you think such an OS would ever be popular with end users? End users like to open PDFs, and dont understand enough about windows to set up a read only drive and a read/write drive. Not to mention, you are running an OS with a browser that has known security flaws, which havent been patched because no web browser supports the ancient XP anymore, so its only a matter of time until your *safe* machine is compromised.

Interestingly, my windows 10 box doesnt need to be locked to the ground to prevent it getting pwned, unlike your XP box. Why do you believe your solution is superior again?

Lets see....
Why do I believe my solution is superior again?

Chrome / IOS and Windows S are basically doing the same thing because they know it is far more secure than a regular copy of Windows

I can open PDF's on a locked down copy of XP using Firefox

I can edit and save Wav files up to 64bit / 384Khz in Adobe Audition even though Audition 3.0 only allows creating files up to 32bit / 192Khz

Even though VLC 3.06 was the last installable version for my copy of XP, I can run the newest VLC v3.08 and play audio files up to 352Khz /64bit

I can run any compatible application to get actual work done without crashing all day long

portable Photoshop and Audition from shady sites work fine without crashing the system
Even Legit Photoshop and Audition installed permanently work fine on this system

I'm not quite sure what limitations you are referring to
I am doing things on this test bed that it was never designed to do

If it diddn't work, all the other O.S. manufacturers would not have tried to copy my results for their locked down systems now would they?

I was doing it first and seem to be getting the best results of any Read Only O.S.

End users do not need to know how to run a locked down Read Only System, because, Lucky for you, Company's are making them for noobs Right Now!

Someday soon, you will all be running a locked down system nearly as good as mine!

You're Welcome!

 

[Puiu]

Microsoft should have written Windows 7 correctly, so that it had no security flaws. They should be legally obligated to support every release with security updates forever, all the way back to Windows 3.11 (the first one to include built-in Internet access).

As a programmer I can assure you that such a thing is impossible. As long as not all drivers are written by MS and not all software is written by them you have to leave legacy code in which is inherently a security hole no matter how much you try to patch things as they are discovered.
FYI some of these security updates have nothing to do with Windows itself, like the patches for Intel CPU security issues.

 

[EchoWhiskey]

Microsoft should have written Windows 7 correctly, so that it had no security flaws.

My guess is that you never have written a single line of programming code....

 

[mbrowne5061]

I think it is troll bait. Security updates are consistent to stop the next round of attacks. There's no one security update fixes all and makes all impenetrable. It has never been that way. Win10 has a lot of bugs, but any different than the beginning of Win7? Win7 was a nightmare to switch too. Networking issues galore, glitches with file explorer, etc. Software is, as software does.

And in another 8-10 years, when Windows 10 finally arrives at its drop-dead EOL date, people will be saying the same things about 'Windows Infinite' and clawing to hold onto their Windows 10 installs.

 

[mbrowne5061]

My guess is that you never have written a single line of programming code....

He has written exactly one line. It was flawless, and will never need to be patched, so he will happily support it for the rest of time.

 

[Polycount]

I don't mind companies being allowed to end support for older software and operating systems, but I do wish security updates were mandatory up to a certain point -- say, when the OS' market share drops down to 5 or 10%. I believe Windows 7 support ended at a far higher number, I wanna say 30%? Could be wrong about that.

 

[Yynxs]

Every commenter for W10 talks about security or functionality but not a word about privacy. I can lock down W7 and have for years so that what is exchanged with the web is my choice and not the cloud clowns or MS or gaming 'research' or browser compatibility. Do the same with the W10 I/O and it cries "foul not a registered product."
As for W10 wonderfulness, I remind these MS fanbois of: Microsoft's Windows 10 October Update could be deleting user files https://www.techspot.com/news/76795-microsoft-windows-10-october-update-could-deleting-user.html
I own and have run every MS O/S going back to DOS (not 2.0, DOS). There never was an upgrade of other Windows Versions that deleted my data. Maybe it's a quirk, but making sure 1.5 billion people have a separate off line backup of their data before each update because the O/S programmers/developers are allowed to screw up seems to undermine usefulness significantly.
This is aside from and entire government system being required for notifying of programmer failures across an industry:
CISA https://www.us-cert.gov/ncas/curren...ergency-directive-and-activity-alert-critical alerts

On January 14, 2020, Microsoft released software fixes to address 49 vulnerabilities as part of their monthly Patch Tuesday announcement. Among the vulnerabilities patched were critical weaknesses in Windows CryptoAPI, Windows Remote Desktop Gateway (RD Gateway), and Windows Remote Desktop Client. An attacker could remotely exploit these vulnerabilities to decrypt, modify, or inject data on user connections:

So before you push the "everything has to change for the betterment of everybody" take a look at the number of CERTS specifically pointing at Microsoft and ask whether you want to let them be in control of your equipment and data with W10.

 

[Gezzer]

I don't mind companies being allowed to end support for older software and operating systems, but I do wish security updates were mandatory up to a certain point -- say, when the OS' market share drops down to 5 or 10%. I believe Windows 7 support ended at a far higher number, I wanna say 30%? Could be wrong about that.

Actually MS did just that with XP. It has received patches since passing it's EOL date. But those patches were for proven active major exploits that put the whole computing community at risk. The vast number of Win7 extended support patches before it reached EOL were for potential security flaws that might or might not have actually resulted in a customer being exploited. Moving forward any patches will be for known and active exploits, which are much rarer than most people realize.

 

[Gezzer]

And in another 8-10 years, when Windows 10 finally arrives at its drop-dead EOL date, people will be saying the same things about 'Windows Infinite' and clawing to hold onto their Windows 10 installs.

This might change, but Windows 10 is moving to more of an Android like update system. It will never actually have a EOL, but users will have to upgrade to each newer version in turn. Fact is, Windows 10 is designed so it's impossible to hold onto any certain version indefinitely. Upgrades can be deferred, but not refused, even by enterprise customers.

 

[Gezzer]

This why I don't understand the reluctance to use a Linux distro in these instances.

For the average home user Linux might be harder to use, though I've been using Mint for years and consider it a great Windows replacement for virtually anyone.
Well, except when I want to game. While Linux has made a lot of progress in the gaming arena it still hasn't replaced Windows as the dominate PC gaming platform. I don't even know if it can.
But with a large organization employing a dedicated IT team migrating to a distro should be child's play. Hell, they could even employ Linux maintainers as part of the IT staff. This with open source software would give them complete control and virtually eliminate vendor support costs IMHO.
But no, let's spend lots of money on proprietary software that they don't actually own, just license the use of, that can't be maintained by the end users. Makes sense to me...

 

[Markoni35]

Does that mean I'll have to pay unless I upgrade from DOS to Windows 3.11 ??

 

[drjekelmrhyde]

They could find that amount in their mouse sized couch cushions

 

[Bullwinkle M]

Does that mean I'll have to pay unless I upgrade from DOS to Windows 3.11 ??

No, of course not

I have used Spyware Platform 10 without paying or activating while testing it

After 10 years of use, I'm still on day 1 of the 90-day trial for Windows 8.1

Volume Licenced copies of XP are still floating around - no activation required

and Linux Mint is still free!

 

[Squid Surprise]

No, of course not

I have used Spyware Platform 10 without paying or activating while testing it

After 10 years of use, I'm still on day 1 of the 90-day trial for Windows 8.1

Volume Licenced copies of XP are still floating around - no activation required

and Linux Mint is still free!

Good to see you’re immune to sarcasm...

 

[Bluescreendeath]

Microsoft should have written Windows 7 correctly, so that it had no security flaws. They should be legally obligated to support every release with security updates forever, all the way back to Windows 3.11 (the first one to include built-in Internet access).

That's like saying a locksmith should make the perfect lock that can't be picked.

No program has no security flaws. Coders are merely humans and can't write the perfect code nor possibly predict every possible point of attack for decades to come.