Virtual Event: Threat Detection and Incident Response Summit - Watch Sessions
Connect with us

Hi, what are you looking for?


Management & Strategy

Microsoft to Provide Free Security Updates for Voting Systems Running Windows 7

Microsoft will continue to provide some Windows 7 machines with security updates beyond the January 2020 end-of-support date, and voting systems are among them, the company has announced.

Microsoft will continue to provide some Windows 7 machines with security updates beyond the January 2020 end-of-support date, and voting systems are among them, the company has announced.

On January 14, 2020, Microsoft will cease to deliver security updates for Windows 7 and Windows Server 2008 systems as part of its normal update schedule. It will, however, provide such updates to customers paying for Extended Security Support.

Voting systems running Windows 7, however, will continue to receive such updates for free through the 2020 elections, the company has just announced. These security patches will be provided as part of Microsoft’s Defending Democracy Program to federally certified voting systems.

Windows 7 is already 10 years old and Microsoft believes that software built for that era lacks the security levels modern operating systems can deliver. The tech giant also says it has fulfilled its commitment to supporting Windows 7 for 10 years, and that most of its customers have already migrated to Windows 10.

“As we head into the 2020 elections, we know there is a relatively small but still significant number of certified voting machines in operation running on Windows 7. We also know that transitioning to machines running newer operating systems in time for the 2020 election may not be possible,” Microsoft notes.

One of the reasons these systems cannot be upgraded in due time for the 2020 elections is the lengthy voting machine certification process.

Extended security updates will be provided for free to federally certified voting systems running Windows 7, through the end of 2020, Microsoft says. The company is also working with manufacturers to ensure security updates are successfully delivered to their voting machines running Windows 7.

Advertisement. Scroll to continue reading.

The updates will be available “in the United States and in other democratic countries, as defined by the EIU Democracy Index, which have national elections in 2020 and express interest,” the company reveals.

Aimed at protecting political campaigns, parties, the election community and democracy-focused nongovernmental organizations, Microsoft’s Defending Democracy Program provides tools such as the AccountGuard service (at no additional cost) and ElectionGuard (free and open source).

Now, as part of the Program, Microsoft is “proactively identifying and engaging election authorities that are Microsoft Azure customers to provide guidance and technical assistance in using the most advanced security features in Azure.”

Related: Securing the 2020 Elections From Multifarious Threats

Related: New Election Systems Use Vulnerable Software

Related: Microsoft Launches New Solutions to Protect Elections From Hacking

Related: 0patch Promises Support for Windows 7 Beyond January 2020

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.