Legacy Operating Systems Hanging Around Isn’t Just Bad for Security

3 min readJul 1, 2019

When the grim reaper comes for an operating system we all know what that means; no more security updates, software vendors stop supporting it and essentially it’s a forgotten soul in the Microsoft ecosystem.

It’s obviously important to keep your server infrastructure current not only to continue getting security updates but for all the reliability improvements and features that new operating systems can get you. This is the most obvious benefit but sometimes the biggest benefit for getting servers current is standardization.

Ahh, beautiful standardization. Standardization nirvana is that moment when all your servers are running exactly the hardware with the same firmware, the same OS, have exactly the same configuration and you’re using Powershell DSC to ensure they all stay that way. When you make a change to one you know with 100% certainty that the change will behave in exactly the same way on all your other ones. Just take it all in for a moment…..

OK, back to reality. No one lives in standardization nirvana but we all strive to get there. What some people don’t understand is that not prioritizing server upgrades and focusing more on standardization not only affects security but also makes you pull your hair out when you try to roll out a change to all your servers. I love examples and I’ve got just the one for you.

Today I am planning to deploy an application to a few hundred servers. This application requires some registry tweaks, files copied and a Windows feature installed; perfect for a Powershell script, right? Yes; a 20 line script maybe, but this script, when fully tested across the 7 different Windows OSes and different architectures turned into a 100 line beast! Why? Read on…

First, it needed a Windows feature installed. If I had Server 2012 across the board it’d just be a simple matter of:

Add-WindowsFeature FEATUREHERE

However, I have Server 2008 RTM which requires:

Import-Module ServerManager Add-WindowsFeature FEATUREHERE

A small change yes, but nonetheless a difference. I then have Server 2003 which is completely different:

Start-Process 'sysocmgr.exe'…

Legacy Operating Systems Hanging Around Isn’t Just Bad for Security

Written by Adam Bertram

More from Adam Bertram

How to Build Infrastructure with Terraform in Azure DevOps

Originally published at https://adamtheautomator.com by Amanda Punch on November 24, 2021.

Discover How to Create an Azure VM in Microsoft Azure Cloud

Originally published at https://adamtheautomator.com by Sagar on February 8, 2023.

Microsoft MVP Award: The Advantages and the Sacrifice Required By It

Today, we are going to talk about the Microsoft MVP program, more specifically how you can become a Microsoft MVP.

Azure Service Principals: How to Create (and Understand) Them

Originally published at https://adamtheautomator.com on September 9, 2020

Recommended from Medium

The ChatGPT Hype Is Over — Now Watch How Google Will Kill ChatGPT.

It never happens instantly. The business game is longer than you know.

The Most Powerful Morning Routine I’ve Found After 3+ Years of Experimenting

A realistic, science-based, customizable, and aggressively self-tested morning system

Lists

Icon Design

Tech & Tools

Productivity

Staff Picks

Building a Secure Cybersecurity Research Lab: A Journey of Isolation and Exploration

Introduction

Falling out of love with Vim

My love affair with Vim is done. I’m over it and have moved on. Perhaps the timing is bad — Vim has just lost a parent after all…

Setting up VirtualBox Home Lab Network

Having a home lab network is necessary for any IT professional from Full Stack Developers to Cyber Security Engineers. Today, I will go…

10 Seconds That Ended My 20 Year Marriage

It’s August in Northern Virginia, hot and humid. I still haven’t showered from my morning trail run. I’m wearing my stay-at-home mom…