Security Experts:

Connect with us

Hi, what are you looking for?


Management & Strategy

Nearly Half of SMBs, Enterprises Still Using Windows 7: Kaspersky

Data collected by Kaspersky shows that many businesses are still using Windows 7, for which Microsoft plans on ending extended support in just a few months from now.

Data collected by Kaspersky shows that many businesses are still using Windows 7, for which Microsoft plans on ending extended support in just a few months from now.

According to Kaspersky, 47% of small and medium-sized businesses (SMBs) and enterprises still use Windows 7. Fortunately, none of the organizations Kaspersky has visibility into use Windows XP or Windows Vista, for which support ended years ago, but 0.4% still use Windows 8, which hasn’t received updates since January 2016.

Windows 8.1 is used by 5% of organizations. For this version of the operating system, mainstream support ended in January 2018 and extended support will end in January 2023. Windows 10 is used by 47% of organizations, Kaspersky said.

Kaspersky has also looked at the operating systems used by consumers and very small businesses (VSBs). Roughly 10% of consumers and 7% of VSBs still use Windows XP, Vista, 8 or 8.1. Windows 7 is used by 38% of consumers and VSBs.

Windows usage statistics from Kaspersky

“Statistics show that a significant share of users, both individuals and businesses, still use workstations running outdated or approaching end of lifecycle OS,” commented Kaspersky’s Alexey Pankratov. “The widespread use of Windows 7 is concerning as there is less than six months to go until this version becomes unsupported. The reasons behind the lag in updating OS vary depending on the software in place, which may be unable to run on the newest OS versions, to economic reasons and even down to comfortability of routinely using the same OS.”

Pankratov added, “Nonetheless, an old unpatched OS is a cybersecurity risk and the cost of an incident may be substantially higher than the cost of upgrading. This is why we recommend that customers migrate to supported versions and ensure that additional security tools are in place during the transition period.”

Extended support for Windows 7 is scheduled to end on January 14, 2020. However, Microsoft will still provide security updates beyond this date to some customers, until January 2023, but they will have to pay a fee for each device and the price will increase every year.

Microsoft announced recently that Enterprise Agreement and Enterprise Agreement Subscription (EA and EAS) customers with active subscription licenses to Windows 10 Enterprise E5, Microsoft 365 E5, or Microsoft 365 E5 Security will get Extended Security Updates for Windows 7 for free in the first year. These updates normally cost $25 per device for Windows E3 and $50 per device for Windows Pro customers in the first year. Windows E3 and E5 customers will then pay $50 per device in the second year and $100 per device in the third year, while Windows Pro customers will pay $100 and $200 in the second and third year, respectively.

Related: Microsoft to Charge for Windows 7 Security Updates

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.

Risk Management

A threat-based approach to security often focuses on a checklist to meet industry requirements but overlooked the key component of security: reducing risk.

Management & Strategy

Microsoft making a multiyear, multibillion dollar investment in the artificial intelligence startup OpenAI, maker of ChatGPT and other tools.


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...