End of support for Windows 7 and other Microsoft products

Microsoft plans to end support for Windows 7 after January 14th 2020 and will no longer provide security updates.  For volume license customers, Windows 7 Extended Security Updates (ESU) will be available for a fee through January 2023. A future option may be Windows Virtual Desktop (WVD) for Windows 7, which was announced in 2018 but not yet available in Preview mode.

Update: paid Windows 7 Extended Security Updates (ESU) will be available for businesses of all sizes through January 2023.

Office 2010 will no longer be supported as of October 13th 2020.   Microsoft is also ending support for Windows 10 Mobile OS for smartphones on December 10th 2019 and recommends that customers move to a supported Android or iOS device.

Internet Explorer 11 will be the last release, and Microsoft has released more information at its Internet Explorer FAQ page.

Support life cycle dates for Microsoft products can be found at support.microsoft.com/en-us/lifecycle/search.

Microsoft Edge browser will become Chromium compatible

Microsoft announced that their Edge browser will be changed to become Chromium compatible (and behave more like Google Chrome) in order to standardize web development.   The Edge development team has shared more details on the transition to the open source Chromium project at its Developer Blog site and GitHub pages.

Web browsers and websites should be upgraded to TLS 1.2 standard

Most major web browsers such as Google Chrome, Mozilla Firefox, Apple Safari, and Microsoft Edge and Internet Explorer should already be using TLS 1.2 (Transport Layer Security protocol) if the latest versions are installed.

Windows devices can be updated by selecting Control Panel -> Network and Internet -> Internet Options.  Under the Advanced tab, TLS 1.0 and TLS 1.1 should be unchecked.

 

To verify if your browser meets TLS 1.2 security requirements, you can access these links:  www.ssllabs.com/ssltest/viewMyClient.html and www.howsmyssl.com

Websites and servers that have not recently been updated may still be running TLS versions 1.0 and 1.1, so web browsers and apps may display error messages or block access to them.

TLS 1.3 is currently the latest version, which was published by the Internet Engineering Task Force (IETF) in August 2018.

 

Companies are tracking user biometric behavioral data

The New York Times has reported on companies that track the way that users interact with websites and apps, including user typing, clicking, and swiping patterns.  This stored behavioral biometric data can be used to generate an automated security warning if an application user’s behavioral patterns are different than previously detected.

Some of the companies that provide solutions to track biometric behavioral data include Forter, Biocatch and NuData Security.

Microsoft Office Online browser extension for Edge and Google Chrome browsers

The Microsoft Office Online browser extension for Edge and Google Chrome browsers allows you to open and create files for Excel, Word, PowerPoint, OneNote, and Sway in your browser without needing Office installed.

This free extension is available from Microsoft Store and Chrome Web Store.

Secure HTTPS websites for free using Let’s Encrypt

Google Chrome will display all non-HTTPS sites as “not secure” with the release of version 68 in July 2018HTTPS websites will also be ranked slightly higher in Google searches when compared to HTTP sites.

Let’s Encrypt is a free certificate authority that can be used to create HTTPS websites.  This project is managed by the non-profit Internet Security Research Group (ISRG).   Let’s Encrypt works well for low and medium traffic websites.  Websites that experience a great deal of web traffic or need warranty coverage should consider a paid certificate authority.  Let’s Encrypt certificates also expire every 90 days and have to be renewed.

More information is available at:

Net neutrality rules end on June 11th 2018

The Federal Communications Commission (FCC) ended net neutrality internet regulations that required internet service providers (ISPs) to treat all web traffic equally on June 11th 2018.  Internet service providers must publicly disclose their network management practices and performance characteristics under the new FCC Internet Freedom transparency rule.