If you’re thinking about buying into AMD’s Ryzen or Intel’s Kaby Lake platforms, and you plan to use your existing Windows 7 or 8.1 license key, take note that you’re no longer eligible for updates from Windows Update, and will be left defenceless against zero-day exploits and other attacks in the future that target these two platforms running Windows 7 or 8.1. This change was made by Microsoft earlier this month in a new knowledge base article, KB4012982, which details the following error message seen on Ryzen and Kaby Lake systems: “Your PC uses a processor that isn’t supported on this version of Windows”. This is a major blow to businesses and small to medium enterprises which rely on software validated for Windows 7, and means that even buying Skylake hardware is not going to matter.

Officially, Microsoft’s support for recent microarchitectures only applies to Windows 7 and 8.1 on Intel Broadwell and Broadwell-E systems, and on AMD’s Piledriver, Carrizo, and Godavari processor families. It technically supports Skylake systems on Windows 7 and 8.1 as well, but this was a change in policy at the eleventh hour when business partners said that they’d continue to use Windows 7 and preferred not to pay exorbitant prices for security updates that had been validated by Microsoft. Skylake-based systems will only receive some security updates that are compatible with the microarchitecture, or that do not impede on performance, according to Microsoft, because the same fixes that work on newer processors might not apply to older hardware in the same way (which is weird considering that Skylake and Kaby Lake are nearly identical).

This new policy for Windows 7 and 8.1 on newer hardware, though, completely locks you out of using Windows Update for good. There is no protection from zero-day exploits, no anti-virus updates through Windows Defender, and no driver support for new hardware through Windows Update. While Windows 7 is in its extended support period up to the year 2020, the regular support period for Windows 8.1 ends on 9 January 2018, with extended support stretching to 12 January 2016.

Windows 10 offers support for the following processors at the moment:

  • Intel 7th Gen (Kaby Lake) processors
  • AMD Bristol Ridge
  • Qualcomm 8996 chipset family, which includes the Snapdragon 820, 823, 828, and 830 processors

In the future, it’ll support other ARM-based processors from companies like Rockchip, Huawei, and Samsung. Broadwell-E and AMD Ryzen processors are also now included in this group. For customers who still require the use of Windows 7 or 8.1, Microsoft’s official recommendation is that those operating systems should be virtualised, but they’ll still be unsecure anyway. It is possible to spoof another CPU identifier inside a virtual machine to keep receiving updates, but a better workaround is to use the WSUS Offline Update tool to download new updates for your unsupported system. WSUS doesn’t run the same hardware checks that Windows 10 will do, and it bypasses all of the usual restrictions because it receives updates directly from Microsoft’s servers.

Perhaps this move will also drive more people to run Linux as the base operating system, acting as a host, while running Windows 7, 8.1 and 10 in a virtual machine with full hardware pass-through. It’ll be quite ironic if it turns out that Microsoft’s only applicable update is an upgrade to Windows 10.

Source: Microsoft Support