The 10 most popular software versions that will go out of support in 2024

The 10 most popular software versions that will go out of support in 2024

To read the article in Italian language, go to the WEGG's website!

The use of out-of-date software: implications and regulations

Why it is important to know if you have outdated software in your environments: implications, regulations, and use cases such as SQL Server 2014.

Like every year, we are approaching the time when some of the software versions installed in IT environments around the world-whether system or application software-are reaching the end of their lifecycle. The year 2024 is no exception: several platforms that many of us use daily will no longer receive security updates or official support. It is therefore time to prepare for the transition to the latest versions.??


Here are the 10 most popular software versions that will go out of support in 2024:?

1) Microsoft Windows Server 2012/2012 R2

Released in September 2012, these celebrated server operating system versions from Microsoft have served businesses for more than a decade. With support scheduled to end on Oct. 10, 2024, now is the time to plan to migrate to newer versions to ensure security and business continuity.

2) Microsoft SQL Server 2014

Released in June 2014, SQL Server 2014 has been a milestone for database management. With support ending July 9, 2024, it is essential to consider upgrading to keep databases secure and optimized.

3) Oracle Database 12c

Released in June 2013, it has been a benchmark for enterprise data management. Support will end on June 30, 2024, making it essential to upgrade to newer versions, such as Oracle Database 19c or 21c, to ensure performance and security.?

4) Oracle Java SE 8

Released in March 2014, Java SE 8 has been widely adopted for application development. With support ending on Dec. 31, 2024, it is time to consider upgrading to newer versions of Java to continue receiving security updates.?

5) VMware Converter 6.3.

Support for VMware Converter 6.3 ended June 30, 2024. This product, which allows conversion of physical and virtual workloads to VMware virtual machines, has been updated to ensure compatibility with newer versions of vSphere and improve security standards.?

6) Microsoft Visual Studio 2013

Extended support ended on April 9, 2024. Visual Studio 2013 has been a popular integrated development environment for creating applications on Microsoft platforms. It is important to upgrade to a newer version, such as Visual Studio 2019 or later, to ensure that applications are developed in a secure and supported environment.?

7) Dynamics CRM 2013

Extended support for this version of Dynamics CRM ended on January 9, 2024. It is a platform used for customer relationship management in many companies. It is essential to upgrade to a newer version, such as Dynamics 365.Upgrading is critical to protect sensitive customer data, improve operational efficiency, and remain competitive with the new automation and artificial intelligence technologies built into Dynamics 365.?

8) IBM Power8

Extended support for Power8 servers will end between March and October 2024, depending on the specific model. These servers have been used in business-critical environments for a variety of workloads and there is a need to provide more secure alternatives.?

9)Adobe ColdFusion 2018

Used widely for web and back-end application development in many enterprises, especially in industries that require robust and scalable applications, it reached the end of extended support on July 13, 2024. It is valued for its ability to handle business-critical applications with high performance and reliability requirements.?

10) Adobe Connect 10.6.

Extended support for this platform in enterprises for web conferencing, e-learning, and webinars is scheduled to end on November 17, 2024. It is important to consider upgrading to a newer version, such as Adobe Connect 11.x, to make the user experience smoother and more secure.


Why you need to know what software is no longer supported on your environments

When a piece of software reaches the end of support, the software vendor stops releasing security updates. This means that any newly discovered vulnerabilities will not be fixed, leaving the software exposed to intrusions.

These vulnerabilities in unsupported software are often well-documented, known, and detected by hackers and cybercriminals partly because of advanced Artificial Intelligence tools, which allow them to easily exploit them to launch targeted attacks.

Exposure, in addition to undermining business continuity (outages, integration with other technologies, etc.), also contravenes regulatory compliance. In Italy, companies are subject to stringent regulations that require them to provide security updates.?

Let's look at some of them:

  • The General Data Protection Regulation (GDPR)

Although the GDPR is a European regulation, it is directly applicable in all European Union member states, including Italy. It requires the systems used to handle sensitive data to be secure and up-to-date, specifically in Article 32. Organizations MUST take appropriate technical and organizational measures to ensure a level of security appropriate to the risk. This includes regularly updating software to protect personal data against unauthorized access, loss, or destruction.?

  • The Digital Administration Code (CAD)

Similarly, the CAD (Legislative Decree No. 82 of March 7, 2005) stipulates that public administrations must adopt cybersecurity measures to protect data and systems.

  • ?The Cybersecurity Act (Legislative Decree 65/2018)

This decree, which implements the European Union's Network and Information Security (NIS) Directive, imposes cybersecurity obligations on operators of essential services and digital service providers, including the obligation to keep software up-to-date.


Then there are specific regulations for regulated sectors, such as banking, finance, and healthcare. For example, the DORA Regulation, adopted by the European Union, focuses primarily on the digital operational resilience of financial institutions.?

One of the key components of DORA is the requirement for financial entities to maintain robust cyber incident resilience, including vulnerability management and regular updating of software systems to ensure security (see Article 10).

Although not a standard but a best-practice, there are many Italian companies that adopt the ISO/IEC 27001 standard for information security management. This standard requires organizations to adopt a process for managing information security risks, including regular software updates.?

How to Detect and Manage Unsupported Software?

It is crucial to monitor the versions of software in use on one's systems. At WEGG we are experienced consultants in IT Asset Management and specifically in software license management. Through advanced SAM systems we offer a clear view of what software is in use, facilitating the planning and application of security patches needed to reduce vulnerabilities.

In particular, our partner Flexera's Risk Monitor tool is able to increase the degree of awareness regarding vulnerable software: through integration with the NVD database, it is able to combine information about security risks with data collected from inventory so as to show where there are vulnerabilities that need to be patched immediately.

In addition to providing reports that help Security and Operations teams set up ongoing processes to mitigate risk related to vulnerable or unsupported software (we discussed this here), we are able to guide decisions that accompany the replacement of unsupported software.

There are, in fact, several options available, including migration, upgrade and subscriptions, but also consideration of activating extended support.

Upgrading is not always possible: for instance, one of our clients was using Windows 7, which was was scheduled to end on January 14, 2020. Since they were unable to migrate In time, we supported them to join the Extended Security Updates (ESU) program for companies that needed more time to migrate to a newer operating system (there was time until January 10, 2023).?

This extended support period gave them the necessary time to manage unsupported technologies, and we were subsequently able to migrate their operating system to the new Windows 8, thanks to our centralized endpoint management systems (see our Work from Anywhere area).

?

SQL Server 2014: a case study

Let's take SQL Server 2014, which reached its EOL and began the Extended Security Updates (ESU) phase on July 9, 2024, as an example. How can companies handle the fact that extended support is no longer provided??

Once they have detected the SQL Server 2014 versions in use on their systems by scanning with advanced SAM tools, companies can evaluate all the options available to them.


Installations of SQL Server 2014 in a IT environment

?

Let's look at some of them:

  • Migrate to Azure SQL and enjoy the benefits of cloud computing

One can decide to migrate to Azure SQL, which uses the same engine as SQL Server: this would make the migration easier. You can use the same tools, languages and resources you are used to, but with greater efficiency and accessibility in the cloud. In addition, Azure updates automatically, so in the future you won't need to worry about updates.

  • ?Migrate to an Azure virtual machine

Alternatively, you can move SQL Server workloads in the cloud to an Azure virtual machine to avoid having to make code or architecture changes and benefit from free extended security updates.

  • ?Upgrade to a newer version of SQL server.

You can otherwise also use SQL Server on-premises by upgrading it to a newer, supported version, such as SQL Server 2016 or 2019. The upgrade should be done in order, one version at a time.?

What assessments need to be made:?

  • moving to Azure SQL has several advantages, but you need to consider whether it is worth it: if applications and virtual machines are on other providers (such as Amazon), managing them separately may require additional cost and effort.
  • migrating the workload to a virtual machine that supports SQL Server might be a temporary solution because it maintains compatibility with the existing infrastructure without having to rewrite code. However, in the long run, it may not be the most cost-effective or scalable solution, especially if the company plans to migrate completely to the cloud. It may lack the specific optimization that Azure SQL offers in terms of performance and automated management.
  • upgrading to a newer on-premise version of SQL in the same way could be a solution, but again, one must weigh the operational costs against paying for an ESU (if one decides in the future to migrate to the cloud). This approach provides business continuity and technical support, but could incur significant costs, including licensing, hardware, and maintenance costs, especially if a future migration to the cloud is planned.

?

Customers who qualify for Software Assurance under an Enterprise Agreement (EA) can purchase and deploy ESUs through Azure Arc, either in on-site or cloud environments. Azure Arc ESUs offer greater adaptability, allowing you to decide next steps at your own pace.?

Whatever the choice, whether to maintain your current configuration by paying for an ESU, upgrade to a newer version, or move to the cloud, the important thing is to secure your SQL Server 2014 post EOL systems in a way that protects your data and complies with regulations.


Would you like to detect unsupported software in your systems? Contact us at [email protected] for a consultation!

?

?

要查看或添加评论,请登录

社区洞察

其他会员也浏览了