Microsoft announced that Windows 7 Extended Security Updates (ESU) will also be made available for small and midsize businesses (SMBs) to allow them to stay secure during the Windows 10 migration process.
This offer comes as a response to the different paces used by businesses to deploy the latest Windows 10 releases in their environments and their need to keep their systems secure until the process is over until Windows 7 hits its end of support.
“With that in mind, today we are announcing that, through January 2023, we will extend the availability of paid Windows 7 Extended Security Updates (ESU) to businesses of all sizes,” said Jared Spataro, Corporate Vice President for Microsoft 365.
Previously only available in volume licensing
SMBs will be able to purchase the ESUs on a per-device basis for the next three years, with the price to increase every year, in three consecutive 12-month increments.
For information on Windows 7 ESU pricing, customers are advised by Microsoft to reach out to their “Account Team CE for pricing and ordering information tailored to specific customer scenarios.”
The Windows 7 ESUs were previously only available to large businesses and education customers that had Windows 7 Professional or Windows 7 Enterprise volume licensing agreements.
“Extended Security Updates (ESU) includes security updates for critical and important issues as defined by Microsoft Security Response Center(MSRC) for a maximum of three years after January 14, 2020,” says Microsoft, following the end of support for Windows 7.
“Starting on December 1, 2019, businesses of any size can purchase ESU through the cloud solution provider (CSP) program,” added Spataro. “This means that customers can work with their partners to get the security they need while they make their way to Windows 10.”
Windows 7 security fixes also available as micropatches
ACROS Security said in September that the 0Patch platform it operates will continue shipping vulnerability patches to its agents after Microsoft ends support for Windows 7.
For information on Windows 7 ESU pricing, customers are advised by Microsoft to reach out to their “Account Team CE for pricing and ordering information tailored to specific customer scenarios.”
The micropatches issued by 0Patch are tiny sized patches designed to be applied to the OS without having to restart the machine or the application that needs to be patched.
“Each Patch Tuesday we’ll review Microsoft’s security advisories to determine which of the vulnerabilities they have fixed for supported Windows versions might apply to Windows 7 or Windows Server 2008 and present a high-enough risk to warrant micropatching,” 0patch co-founder Mitja Kolsek said at the time.
While 0Patch’s micropatches will usually be provided to the platform’s paying customers, Kolsek stated exceptions will most probably be made for high-risk security flaws like those that could be used for creating auto-spreading malware.