Posted on 03/23/2017 6:12:51 PM PDT by dayglored
Mark your calendar: Microsoft's promise to cut off Win7 and 8.1 support for the latest PCs will cause howls of pain next month
Events of the past week have drawn into sharp focus the likely result of next month's patching cycle. If you have a Windows 7 or 8.1 PC that you bought, built, or upgraded in the past year or so, it would behoove you to understand exactly what Microsoft plans.
Many people -- I'll raise my hand here -- thought that Skylake-based computers would continue to receive Windows 7 and 8.1 patches until the respective end-of-life. We are wrong.
Let's start with the basics. Intel introduced its so-called 6th Generation Skylake processor in August 2015. It slowly replaced the older Broadwell series, all of which will continue to work with Win7 and 8.1. Skylake now is slowly being replaced by 7th Generation Kaby Lake processors, which will not get Win7 or 8.1 support from Microsoft. To date, Intel has released 50 or so different Skylake processors. There are also dozens of Kaby Lake processors, which were introduced in August 2016.
On the AMD side there's a distinction made between the older Opteron series, the APU series (which includes Kaveri, Carrizo, and Bristol Ridge processors, named Athlon, Sempron, A4, A6, and E4) and the brand-new Ryzen processors, which are only now appearing on store shelves. Most observers say that 7th Generation AMD chips start with the Bristol Ridge APUs, which appeared in May, 2016. There's no change at all between the core architecture of the Carrizo and Bristol Ridge chips.
As I'll explain later, the distinction between 6th Generation Carrizo and 7th Generation Bristol Ridge is pivotal. To see if you have a Bristol Ridge chip, as opposed to a Carrizo chip, use Speccy to find your APU model number, then look up your APU model number for Bristol Ridge desktop processors or portable processors.
The whole Windows 7/8.1 support mess started in January of last year, when Windows honcho Terry Myerson declared that "as new silicon generations are introduced, they will require the latest Windows platform at that time for support." At first, Myerson promised:
Through July 17, 2017, Skylake devices on the supported list will also be supported with Windows 7 and 8.1. During the 18-month support period, these systems should be upgraded to Windows 10 to continue receiving support after the period ends. After July 2017, the most critical Windows 7 and Windows 8.1 security updates will be addressed for these configurations, and will be released if the update does not risk the reliability or compatibility of the Windows 7/8.1 platform on other devices.
Screams from enterprise customers reached all the way to the hallowed halls of Redmond. The promised demise of Win7 on Skylake machines changed later in January, then in March 2016, and in August 2016 they changed again. As of August, Microsoft exec Shad Larsen promised:
This policy change primarily applies to our commercial customers who are currently managing deployments with Windows 7 and Windows 8.1, and does not apply to customers running Windows 10 ... future silicon platforms, including Intel's upcoming 7th Gen Intel Core (Kaby Lake) processor family and AMD's 7th generation processors (e.g. Bristol Ridge) will only be supported on Windows 10, and all future silicon releases will require the latest release of Windows 10....
6th Gen Intel Core devices on Windows 7 and Windows 8.1 will be supported with all applicable security updates until the end of support for Windows 7 and Windows 8.1.... This change is made possible through the strong partnership with our OEM partners and Intel who will be performing security update validation testing and upgrade testing for 6th Gen Intel Core systems running Windows 7 and Windows 8.1 through the end of support dates.
On the same day, Microsoft updated a list of Skylake systems supported on Windows 7 and Windows 8.1 that includes links to manufacturer's websites, listing specific model numbers that the manufacturer commits to support with Windows 7 and 8.1 updates. The 12 deputized manufacturers and the links provided by Microsoft are:
Sites like Dell's are just as confused as I was. Dell says, "Microsoft originally indicated Skylake support would end in 2017. Microsoft has now extended Skylake support for Windows 7 through January 14, 2020 and for Windows 8.1 through January 10, 2023."
That isn't quite true. Microsoft has said that Dell will extend support for its listed Skylake systems through end-of-life for Win7 and 8.1.
Here are the conclusions that I draw from Microsoft's statements:
I don't know what Microsoft intends to do with AMD chips. The way the announcements stand, AMD Bristol Ridge PCs won't have Win7 or 8.1 support, and there's no magic list of manufacturers or machines that are exempt from the ruling.
So if you're running a recent-vintage PC and using Windows 7 or 8.1, what happens if you run afoul of the patch police? It's all well and good if Win7 is "no longer supported" on your PC, but what does that mean in real terms? Will your PC halt and catch fire?
Thanks to several reports that I talked about yesterday, including the tales of woe from folks who installed a Monthly Rollup Preview, I'm willing to bet that the blockade will unfold like this:
Step 1: April 10 rolls around, and about noon, Microsoft pushes its usual Patch Tuesday updates out the automatic update chute.
Step 2: Those gullible (or trusting) enough to have Win7 or 8.1 Automatic Update turned on will get the April Monthly Rollup (that is, the "April 2017 Security Monthly Quality Rollup"), which will install the next time the machine's rebooted.
Step 3: The Monthly Rollup installs itself and makes changes to Windows Update Agent, effectively preventing Windows Update from running again on this machine. The installer displays this message: IDG
The machine won't be destroyed, if this scenario plays out the way I think it will. Your PC will just have Windows Update disabled. (Which some people view as a feature, not a problem, but I digress.) We're still poking and prodding on the AskWoody Lounge to see what, exactly, gets disabled. None of this is documented anywhere, of course.
It's important to note that machines connected to a corporate Update Server (WSUS, SCCM, or the like) will only get the Monthly Rollup if it's pushed out by the admin. Even if Windows Update gets clobbered, it's unlikely that domain-managed PCs will suffer any ill effect, as they don't use Windows Update the same way most of us do. I have no idea how Microsoft intends to block Win7 updates on recent PCs attached to an update-managed domain.
This scenario brings up an obvious question: Will your machine get update-kneecapped? I don't know. There's no program I know of that you can run (short of a Monthly Rollup Preview, which I never recommend) that will definitively say, "If you install the Monthly Rollup in April, Windows Update will get disabled."
At this point, there's no warning either. No "Click here to install the Monthly Rollup and disable Windows Update going forward" safety net. All you get is a loud thud and that Unsupported hardware notice.
Will Microsoft go ahead with this latest push to get well-heeled customers, with the latest hardware, to change to Windows 10? Microsoft's under no obligation to support Windows 7 and 8.1 on any hardware that appears at a future date. I think. But this approach, if it unfolds in this manner, is sure to rankle more-advanced users who have paid for both Windows 7 and for a shiny new CPU.
We should know a lot more on April 10.
“Its probably just a matter of time before an entirely different business model is developed that sells a laptop or for those few dinosaurs like me, a PC, will make it optional which Linux OS the customer wants and even pre-installs the correct drivers for whatever printer, scanner, etc. a person might have. They will be cheaper, faster, and more secure too. Kinda like what Chromebook is right now but Im not a fan of Chromebook for no particular reason.”
==
If you stay with the most popular Linux distros, such as Mint & the official Ubuntu family, drivers are rarely a problem. Also, many already come with “Wine” installed, so you can run Windows programs (or at least quite a few Win programs). I could like Chromebook if it weren’t so Google-dependent.
“A pay VPN service is now a must IMHO.”
==
For ultimate privacy using Linux, “Tails” would be the way to go. But it’s not great as a Windows or Linux substitute that is meant for all-around usage. Tails runs from a disk or a USB stick only. I suppose it could be installed on a machine, but that would defeat it’s purpose.
https://distrowatch.com/table.php?distribution=tails
https://en.wikipedia.org/wiki/Tails_(operating_system)
Certainly, there is plenty of ambiguity on this issue. One way or another, the coming months will bring changes and probably some disappointments, and perhaps none of these prognostications, pro or con, will turn out to be exactly on the mark.
We shall see, shan't we?
I would think that running a VM would be somewhat immune. There are only a few generic processor types when setting up the VM; but I’m just speculating.
I run WSUS for 1K endpoints. Wondering if anyone will disclose the dastardly KB? I have policy set to download and install all critical and security updates; everything else I glean through. I can see MS classifying the 4/10 rollout as “critical.”
except for those of us who run WSUS. Now I get to dread April 10th!
We used Linux Raspian Jesse to run our RPIs for signage and powerpoint/informational stuff broadcast to large flat screen televisions.
Ransomware often blows away shadow copies/i.e. system restore points.
Almost exactly the same experience here. My latest Winblows is 7 (which I really like BTW), but I've seen Microshaft's attitude degenerating, so for several year's I've foreseen a time coming eventually when I'd no longer be willing to buy MS stuff. So, not really being interested in Mac, I've attempted to try out Linux several times, but always found the learning curve like more of a wall I couldn't penetrate. A couple years ago was different. It's interesting how it happened. Mint 17 was Windowsy enough that I could actually navigate it a little bit, which in turn resulted in me learning a little Linux, enough to now be able to find my way around Ubuntu and so on.** Meanwhile, Microsnot continues it's slide into treating the user as the product, so I see the deadline approaching. So while Windows is getting worse, Linux has passed the critical threshold (where it is for me, anyway), so I'm with you. No more Windows after 7. Then it'll be Linux with any Windows stuff under Wine or in VMs.
**This shows the error in Linux-heads who don't like Mint and think it's fake Linux, because it actually left me with a workable knowledge of Linux that I would never have got with the "pure" distros.
Yeah, I hope I’m still a few years out from switching to Linux (probably Ubuntu) but if it happens sooner, I’m okay with that too.
All I do on my laptop, is read the news ( DRUDGE, FR, BREITBART, many foreign newspapers), post, and send/get email. And there are, what most others consider to be extremely "simple"/"easy" things, that I can NOT manage to do on a computer or laptop at all.
Heck...you mentioned "tiles" and I don't know what that is; let alone know how to use it.
“Ransomware often blows away shadow copies/i.e. system restore points.”
==
Ya get ransomware on your device/PC, fuhgeddaboudit You might be able to find a fix if you’re lucky. But most often, a guy’s up a creek without a paddle. A destroyed restore point won’t matter much when you have to re-format and reinstall Windows or whatever OS you’re using. Unless a guy wants to pony up the 300+ bucks for the unlocking key - and even then, if it’s an unethical crook (heh) they could just take your bitcoin bucks and leave you still scruuwed over.
Along with my other measures I use an anti-ransomeware prog in Windows. LIke I said, Win is high maintentance, security-wise.
The best thing to do is to clone the drive on to another seperate, unconnected drive every now and then so a fella doesn’t have to a reinstall from scratch due to a severe crash or some nasty malware.
In addition to a restore point, I use RegBak and Erunt - both free programs that do a more thorough save-restore than the Win’s restore point.
http://listoffreeware.com/list-of-best-free-registry-backup-software
A program called WinRescue used to a must have, but it doesn’t support Win7 64bit or Win8/Win10. A life-saver in it’s day, tho,
“4 of the Best Linux Distros for Windows Users”
https://www.maketecheasier.com/best-linux-distro-for-windows-users
Of the four on this particular list, I’d go with Zorin OS as most Windows-refugee-friendly. Never tried Robolinux, maybe I’ll give it a whirl this weekend if it can do a live install on a USB stick.
If Microbrain does shaft some FR Win7/8 users and they want to try Linux, maybe we could have a Win Refugee Help Pinglist to assist with questions on installation/usage.
“I don’t do banking on my laptop, pay bills, play games,nor go to weird sites; unless others find this site, Drudge, etc. to be “weird”. I try to be as careful as I can be.”
==
Great - the best security software is in user’s heads. Mostly common sense - don’t click on links in email unless it’s really a trusted sender (and not a fake), don’t open/download anything from emails without virus-checking them first and just be careful in general about what links a person clicks on anywhere online.
Avoiding the obvious problem sites - the XXX sites, unreliable & illegal software (”warez”) sites, illegal music/movies download sites, etc.
And of course, updating anti-malware every day is a must.
Stupid SPAM gets deleted as soon as I see any and I don't open them, nor hit any links.
PORN?????
Oh hell NO; I don't go to such sites and wouldn't even know how to find any. LOL
I finally updated to Win10 (my SD drive went kablooey 3 days before its warranty expired so I just bought a newer larger one.)
It is a long slow process of getting things back to working comfortably.
Win10 is not too bad.
i do image back ups to .iso files using parted magic (offshoot of clonezilla)
i also use synology NAS with cloudstation and back that up to idrive
i use webroot for a/v
you are correct to surmise that once hit by ransomware, you are toast
That's true. I know a lot of people who have pretty much that opinion, or better. I personally prefer Win7, but if Win10 was all I had, I could use it effectively and I'd learn to live with the annoyances.
Which is going to happen sooner or later anyway, just as it did with Win98SE, Win2K, and WinXP in their times. Hopefully by the time I can no longer use Win7, Windows (it won't still be called "Windows 10") will have matured into something I like.
YIKES...I hope your brother learned his lesson!
Bfl
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.