Windows Server 2012/R2 – End of support: What you should do now

Microsoft is extending support for Windows Server 2012, even though the operating system is considered “retired”. You now have these options.

Why did support for Windows Server 2012/R2 end?

It is common practice that software is only supported by the respective manufacturer for a limited period of time. Microsoft, for example, offers support for its programmes and operating systems for ten years, after which the “retirement” comes – or EOL (End of Life). During the support period, the Redmond-based company releases several updates and versions.

Let’s take a look at Windows Server 2012: as the name suggests, the first official version was released in 2012. Windows Server 2012/R2 came onto the market in October 2013.

Accordingly, support officially ended on 10 October 2023. But that is not the whole story: Microsoft is now granting users a three-year extension for a fee, provided the systems are not running in the Azure Cloud.

Why is support for Windows Server 2012/R2 being extended?

Microsoft has realised that many companies are still using Windows Server 2012 R2, even though the operating system is actually considered obsolete. The German website Winfuture.de writes: “Unfortunately, this proves once again how much companies in particular let updates to new versions slide.” This is despite the fact that Microsoft has repeatedly pointed out in recent years that support for Windows Server 2012/R2 will be discontinued in October 2023.

However, too few companies have followed this advice and encouragement. Microsoft is therefore making an exception and extending the Extended Security Update (ESU) for a further three years. This means that the final end for Windows Server 2012/R2 will not come until 13 October 2026 – provided you take advantage of the 3-year ESU.

How does the support extension for Windows Server 2012/R2 work?

If your company would like to continue to receive support from Microsoft for the outdated operating system, you must first prepare your systems for this. Among other things, you have to install the Servicing Stack Updates and configure your proxy firewall for the activation of the keys.

You can then purchase the paid Extended Security Update and download new licence keys. However, this will not provide you with any improvements for Windows Server 2012/R2, only security-related updates.

Tip: A Techcommunity article explains how to activate your ESU in Azure Arc.

Conclusion: You now have up to three years longer to replace Windows Server 2012/R2 – provided you are willing to pay the price.

Windows Server 2012 ESU in Azure (Image: Microsoft)

Why should Windows Server 2012 finally be replaced?

Windows Server 2012 is – apart from a few improvements – basically around ten years old, individual components even older. An operating system that is this outdated is a real boon for hackers and cyber criminals. They exploit the gaps and vulnerabilities to compromise the systems.

In other words, software such as Windows 2012 (R2) harbours a high risk potential. It therefore poses a threat to information security and data protection in your company!

If damage occurs because your operating system has been compromised, this can have serious and costly consequences. Consequences that may not be covered by cyber insurance because you have neglected IT security.

How should you deal with the extended EOL of Windows Server 2012/R2?

Seize the opportunity to finally “retire” Windows Server 2012 in your company! To ensure that this works and that no major damage occurs in the meantime, you should implement a few measures. For example these:

    • Create a plan to migrate Windows Server 2012/R2 to Azure or replace it with another operating system.
    • Install all updates as quickly as possible until the ESU period ends.
    • Secure the outdated Microsoft operating system as well as possible by performing a Windows Server hardening. This means, for example, switching off all unnecessary services, replacing outdated applications, limiting access rights and introducing secure passwords.
    • It is also extremely important that you always keep all applications up to date and back up all data on a daily basis.
    • If you don’t already have one, create a directory with all Windows systems in your company. This way, no components of your IT landscape will be forgotten during system hardening and migration.
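
The system directory from the last bullet can feed the migration plan directly. The following PowerShell is an added example, not part of the original article: it filters an inventory export for Windows Server 2012/R2 hosts and reports how many days of ESU coverage remain before 13 October 2026. The function name Get-LegacyServerReport, the CSV columns and all rows are constructed for illustration.

```powershell
# Added example (not from the original article). Get-LegacyServerReport, the CSV
# columns and every row below are constructed sample data.
$inventoryCsv = @'
Name,OperatingSystem,HasEsu
FS01,Windows Server 2012 R2 Standard,true
APP07,Windows Server 2012 Datacenter,false
DC02,Windows Server 2019 Standard,false
SQL03,Windows Server 2012 R2 Datacenter,false
'@

function Get-LegacyServerReport {
    param(
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        $Server,
        # Final ESU date for Windows Server 2012/R2 as stated in the article.
        [datetime] $EsuEnd = ([datetime]'2026-10-13'),
        [datetime] $Today = (Get-Date)
    )
    process {
        # Only Windows Server 2012 and 2012 R2 are in scope; skip everything else.
        if ($Server.OperatingSystem -notmatch '^Windows Server 2012\b') { return }

        $hasEsu = ($Server.HasEsu -eq 'true')
        $daysLeft = 0
        if ($hasEsu) { $daysLeft = [math]::Max(0, ($EsuEnd.Date - $Today.Date).Days) }

        # Without ESU, or once the ESU period is over, the host gets no patches.
        $status = 'Unpatched: no security updates'
        if ($hasEsu -and $daysLeft -gt 0) { $status = 'ESU: security updates only' }

        [pscustomobject]@{
            Name            = $Server.Name
            OperatingSystem = $Server.OperatingSystem
            Status          = $status
            DaysUntilEsuEnd = $daysLeft
        }
    }
}

# Hosts with 0 days left sort first: they are the most urgent to migrate or isolate.
$inventoryCsv | ConvertFrom-Csv | Get-LegacyServerReport |
    Sort-Object DaysUntilEsuEnd, Name | Format-Table -AutoSize
```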

Tip: Would you like to know how well your Windows Server 2012 systems are currently “hardened”? Then carry out a check with the free AuditTAP.

AuditTAP creates a report on the extent to which your operating system and its applications comply with the hardening recommendations of CIS, DISA, BSI, ACSC and Microsoft.

This gives you an ideal overview of the vulnerabilities and a corresponding report that can also serve as proof for internal and external audits. AuditTAP also shows you how risky the continued use of your Windows Server 2012 system is. The “Risk Score” can look like this, for example:

End of Life: Can Windows Server 2012 be used for longer?

It is up to you to decide whether you want or even need to continue using Windows Server 2012/R2 at this time and beyond the end of support.

Sometimes it is not possible or economically viable to run a new operating system on old hardware. Or you have business-critical software in use that only runs on Windows Server 2012/R2.

If there is no alternative to using Windows Server 2012/R2 despite EOL, you need to carry out a risk assessment, because the operating system is then no longer “state of the art”. And there are a few important measures to take, such as these:

    • Your Windows Server 2012 systems must no longer be given internet access.
    • The servers must be sealed off from the rest of the network and any necessary connections must be controlled via a firewall.
    • Possible compromises must be detected with automated anomaly detection. Appropriate reactions must be initiated immediately.
    • Work continuously on system hardening by applying the latest findings and recommendations.
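
One way to check the firewall-related measures on the server itself, assuming the built-in Windows Firewall is one of the enforcement points (an added example, not part of the original article; Get-IsolationFinding is a hypothetical name). It is read-only and reports profiles that do not block by default as well as outbound allow rules without a remote address restriction.

```powershell
# Added example (not from the original article); Get-IsolationFinding is a
# hypothetical name. Read-only: it changes no firewall setting.
# Uses the NetSecurity cmdlets that ship with Windows Server 2012 and later.
function Get-IsolationFinding {
    $findings = @()

    # ActiveStore is the effective policy: local settings merged with Group Policy.
    foreach ($fwProfile in (Get-NetFirewallProfile -PolicyStore ActiveStore)) {
        if ($fwProfile.Enabled -ne 'True') {
            $findings += "Profile $($fwProfile.Name): Windows Firewall is not enabled"
        }
        if ($fwProfile.DefaultInboundAction -ne 'Block') {
            $findings += "Profile $($fwProfile.Name): default inbound action is " +
                         "$($fwProfile.DefaultInboundAction), expected Block"
        }
        if ($fwProfile.DefaultOutboundAction -ne 'Block') {
            $findings += "Profile $($fwProfile.Name): default outbound action is " +
                         "$($fwProfile.DefaultOutboundAction), expected Block"
        }
    }

    # An enabled outbound allow rule that accepts any remote address lets the
    # matched traffic leave for arbitrary hosts, including the internet.
    $rules = Get-NetFirewallRule -PolicyStore ActiveStore -Enabled True `
                                 -Direction Outbound -Action Allow
    foreach ($rule in $rules) {
        $remote = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
        if ($remote -contains 'Any') {
            $findings += "Outbound rule '$($rule.DisplayName)': remote address is unrestricted"
        }
    }

    $findings
}

$result = Get-IsolationFinding
if ($result) { $result } else { 'No findings: all profiles block by default.' }
```

A clean result here covers only the host firewall; the segmentation on the network firewall still has to be verified separately.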

Do you need support with system hardening?

Would you like to “harden” Windows Server 2012 or other operating systems? Do you need help with a hardening audit? Contact us, we will be happy to assist you.

Images: Freepik, FB Pro