Install only security UPDATEs to avoid Surveillance
Install only "security only quality UPDATE" (= security updates)
Avoid "ROLLUP", those patches just add Surveillance to former offline parts. (valid for Win 7 and Server 2008 R2)
Windows Server 2008 SP2, which exits extended support on January 14, 2020, is getting a new support model. A Tuesday, June 12 blog post from the Windows Server Team announced the change, which will see the server adopt the “monthly quality rollup” scheme Microsoft brought to Windows 7 and Windows 8.1 as of October 2016. The …
"Avoid "ROLLUP", those patches just add Surveillance to former offline parts. (valid for Win 7 and Server 2008 R2)"
You allow unauthenticated internet access?! Otherwise it wont be able do anything. Not that it monitors anything of note on corporate Windows / server anyway.
are fine for clients or servers, where no additional software is installed.
For production machines with diverse software, having roll-ups can be awkward, as certain updates can break certain software. At least with the individual updates, you can pick and choose the ones that are compatible with your production software. That then leaves you open to chose other actions, if a security patch breaks something, for example, such as segmenting the network and firewalling the server in its own zone.
Yes and no... As a user, I love roll-ups. I've been saying for years that Windows should have them. It makes setting up a new PC much easier - one or 2 patches and you're done, not 150 patches, reboot, 120 patches, reboot, 10 patches, reboot, 20 patches, reboot, 40 patches, reboot... Until all the patches for the last 10 years have been installed.
On the other hand, having the option to go roll-up or individual for machines with a delicate software stack would be better.
holding on to old applications.
In my experience IT is not given much control of application lifecycles, they are just expected to "deal with it"
Roll on the time I can charge my business areas more for each outdated platform version they insist I hang on to. They also don't realise that to maintain the old development tools, I also have to look after out of date desktops too.
Maybe I need to nuke them from orbit "just to be sure"...
We have a Building Management System running on 2008r2. The software does not support newer Windows. It'll be $30,000 to upgrade the Bms. Locked in by Windows and the lockin costs hey!
If it wasn't for the fact that it's a Siemens system as effected the Iran centrifuges we'd probably extend windows Support.
The new Bms software requires Flash ffs. Ffs. Ffs. Ffs. Cocks. Are other industries as clueless as IT?
The article says the 1st but I know of more than a few companies that are figuring the date to be Feb, 11, 2020. That's the date of the first Patch Tuesday where there are no more free patches for Windows 7 or Server 2008.
If you want to strike the Fear of <insert deity> into someone, go to www.timeanddate.com, click on Date-to-Date Calculator, click on the "Count only workdays" link and then fill in the fields. (The link calculates US holidays; I do not know if it works in other countries).
As of today there are 397 workdays left to convert every one of your Windows 7 and Sever 2008 systems AND their applications to a newer version, a few more if you don't get all of the holidays. Presuming of course that your company cares about such things.
580 days if you work in a sweatshop.