Security Research
Showing results for 
Search instead for 
Do you mean 

Life after Windows Server 2003: Ready or not, here it comes

Dustin_Childs ‎02-02-2015 10:15 AM - edited ‎02-02-2015 03:34 PM

In January 2015, Microsoft released a patch to fix an issue in the Network Location Awareness (NLA) service. That vulnerability affects all versions of Windows Server, but a fix was not provided for the Windows Server 2003 platform. As stated in the bulletin, “The architecture to properly support the fix provided in the update does not exist on Windows Server 2003 systems, making it infeasible to build the fix for Windows Server 2003.” What they are really saying is that Windows Server 2003 is so different from modern systems, they simply cannot fix the NLA service issue on that platform. As a result, Windows Server 2003 remains vulnerable to what Microsoft deems an important-class issue.

 

This inability to patch highlights the differences in operating system (OS) architectures between modern OSes and an OS now over eleven years old. While this patch alone should not push enterprises to move away from the OS, the impending end of support for this OS should have businesses thinking about what comes next for their remaining Windows Server 2003 deployments.

 

HPSR knows that security folks understand the dangers of clinging to operating systems and applications that are out of support – and we also know that they sometimes need to make the case to others in the organizations.

 

To that end, we’ve put together a short (five-page) white paper covering what end-of-support for Windows Server 2003 means and doesn’t mean. We detail the substantial differences in defense-in-depth protections between Windows Server 2003 and an OS released when Friends was still on the air and not on Netflix. Finally, we walk through the options for life after end-of-support – including reconsidering your company’s Microsoft relationship, or doing nothing at all. If you are still running Windows Server 2003, you have some decisions to make soon; we’re here to help.

0 Kudos
About the Author

Dustin_Childs

I am a senior security content developer with Hewlett Packard Enterprise Security Research. In this role, I write and edit security analysis and supporting content from researchers. I am also responsible for providing insight into the threat landscape; competitive intelligence to the research team; and providing guidance on the social media roadmap. Part of my role includes speaking publicly and promoting the research and technology of HPE Enterprise Security Products .

Comments
Servicing Stop
on ‎07-23-2015 04:46 AM

Really interesting stuff, thanks alot for the information.

Labels
Events
27 Feb - 2 March 2017
Barcelona | Fira Gran Via
Mobile World Congress 2017
Hewlett Packard Enterprise at Mobile World Congress 2017, Barcelona | Fira Gran Via Location: Hall 3, Booth 3E11
Read more
Each Month in 2017
Online
Software Expert Days - 2017
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
View all