Security
attacks and a 67% increase in ransomware activity across 2023–2024, much of which targets Windows 10 simply because it’s widely used.
The result? A growing wave of targeted and opportunistic attacks, especially ransomware, privilege escalation, infostealer deployment, and lateral movement inside corporate networks. Attackers don’t need to rush; the vulnerabilities won’t be fixed, and the targets are still online.
For those helping clients transition to Windows 11, what are the most common obstacles they’ll face?
The transition to Windows 11 isn’t always seamless. MSPs frequently encounter legacy applications—sometimes custom-built on deprecated APIs—that simply won’t run or behave erratically under Windows 11’s stricter security and 64-bit enforcement. Many enterprises report “one or two ancient LOB apps or peripherals” that block migration entirely.
Security software compatibility is another hurdle: legacy AV or old EDR drivers often rely on deprecated kernel hooks or ring-0 access and fail under the hardened Windows 11 kernel.
Hardware disqualification is widespread. At the beginning of 2022, over 66% of virtual machines lacked TPM 2.0, and only ~45% met both RAM and CPU requirements. Survey data show that companies spent hundreds of thousands of dollars simply replacing TPM-incompatible devices; one MSP even reported $230,000 just to cover TPM upgrades.
Finally, MSPs face budget constraints, licensing friction, and user training needs, as stakeholders often baulk at the long-term cost of legacy systems compared to the upfront pain of upgrades.
What practical steps should MSPs take to secure systems that will remain on Windows 10 after support ends?
When Windows 10 can’t be retired immediately, MSPs must harden the environment as much as possible. Start by enforcing the principle of least privilege, ensuring that end users have no local administrative rights. Disable or strictly control Remote Desktop Protocol unless absolutely necessary. Raise User Account Control to its highest setting and block all non-essential services and ports via firewall rules.
Real-world exploits have already demonstrated the dangers of even basic user actions. In late 2024, ClearSky reported CVE-2024-43451, a vulnerability in the MSHTML engine used by Internet Explorer mode in Edge, which allowed code execution simply by dragging or deleting a file. Russian-linked actors were observed exploiting this flaw, a chilling reminder that even “retired” features like IE-mode can remain active and pose a danger on unsupported systems.
To reduce exposure, MSPs should layer additional controls using third-party tools by implementing application allowlisting, restricting script execution (e.g., PowerShell, WMI), enabling centralised log monitoring, and isolating high-risk endpoints behind VLANs or segmented firewall rules. Where possible, limit or entirely disable internet access for systems running Windows 10, especially for endpoints no longer receiving patches.
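A read-only audit of the hardening items listed in the answer above (local administrator rights, RDP, UAC level, firewall defaults, PowerShell logging), given here as an added example; it is not from the interview or from ThreatLocker. The helper names and the OK/REVIEW/FAIL labels are this example's own conventions, and it assumes an elevated Windows PowerShell 5.1 session on the Windows 10 endpoint.

```powershell
# Added example: reads settings only, changes nothing on the endpoint.
function Get-RegValue([string]$Path, [string]$Name) {
    # Returns $null when the key or value is absent instead of throwing.
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}
function New-Finding([string]$Check, [string]$Status, [string]$Detail) {
    [pscustomobject]@{ Check = $Check; Status = $Status; Detail = $Detail }
}

$ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$uac = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$sbl = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging'
$findings = @()

# 1. Least privilege: list members of the built-in Administrators group (well-known SID).
$admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction SilentlyContinue |
    Select-Object -ExpandProperty Name)
$findings += New-Finding 'Local Administrators members' 'REVIEW' ($admins -join '; ')

# 2. RDP: local setting (Group Policy may override). fDenyTSConnections = 1 means disabled;
#    if RDP must stay on, Network Level Authentication should at least be required.
$rdpOff = (Get-RegValue $ts 'fDenyTSConnections') -eq 1
$nla    = (Get-RegValue "$ts\WinStations\RDP-Tcp" 'UserAuthentication') -eq 1
$status = if ($rdpOff) { 'OK' } elseif ($nla) { 'REVIEW' } else { 'FAIL' }
$findings += New-Finding 'Remote Desktop' $status "Disabled=$rdpOff; NLA required=$nla"

# 3. UAC at "Always notify": UAC enabled, consent prompt for admins, on the secure desktop.
$lua     = Get-RegValue $uac 'EnableLUA'
$consent = Get-RegValue $uac 'ConsentPromptBehaviorAdmin'
$desktop = Get-RegValue $uac 'PromptOnSecureDesktop'
$uacTop  = ($lua -eq 1) -and ($consent -eq 2) -and ($desktop -eq 1)
$status  = if ($uacTop) { 'OK' } else { 'FAIL' }
$findings += New-Finding 'UAC highest setting' $status `
    "EnableLUA=$lua; ConsentPromptBehaviorAdmin=$consent; PromptOnSecureDesktop=$desktop"

# 4. Firewall: every profile enabled and not allowing inbound traffic by default.
foreach ($p in Get-NetFirewallProfile) {
    $ok = ($p.Enabled -eq 'True') -and ($p.DefaultInboundAction -ne 'Allow')
    $status = if ($ok) { 'OK' } else { 'FAIL' }
    $findings += New-Finding "Firewall profile: $($p.Name)" $status `
        "Enabled=$($p.Enabled); DefaultInbound=$($p.DefaultInboundAction)"
}

# 5. Script visibility: PowerShell script block logging feeds centralised log monitoring.
$logging = (Get-RegValue $sbl 'EnableScriptBlockLogging') -eq 1
$status  = if ($logging) { 'OK' } else { 'FAIL' }
$findings += New-Finding 'PowerShell script block logging' $status "Enabled=$logging"

$findings | Format-Table -AutoSize -Wrap
```

The Administrators row is always marked REVIEW because the script cannot know which accounts are expected; compare the list against the accounts the MSP has approved for that machine.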
What recommendations do you have for communicating the urgency of upgrading to clients who are resistant or unaware of the risks?
Start with the blunt truth: “Running Windows 10 after support ends is like driving a car with no brakes and hoping no one ever runs a red light.” Then make it relatable: emphasise that cybercriminals actively scan vulnerable systems and target unsupported OSes because they know no patches will ever arrive. Use real-world breach examples where outdated systems led to ransomware, data theft, or compliance violations, especially ones from their industry. For visual learners, show how many critical vulnerabilities were patched in the last year alone, and explain that none of these fixes will be coming to Windows 10. Finally, contrast the cost of an upgrade with the cost of an incident, and the message becomes very clear. Resellers should emphasise that the cost of upgrading is minimal compared to the potential consequences of a breach. Unsupported systems can lead to ransomware attacks, regulatory fines, and insurance denials. Upfront savings aren’t worth long-term risk; a single incident could cost more than replacing every outdated machine. Upgrading is a business continuity investment, not just an expense.
www.pcr-online.biz
Are there interim solutions, such as ThreatLocker tools or policies, that can reduce exposure during the transition?
Absolutely, ThreatLocker delivers measurable, layered risk reduction for systems running unsupported Windows versions: Its Default Deny model blocks every application that isn’t explicitly whitelisted. According to a recent Forrester Total Economic Impact™ study, this policy led to a 99% reduction in security incidents across enrolled organisations. Storage Control prevents unauthorised USB or network storage usage, which is critical, as 89% of ransomware attacks now involve some form of data exfiltration.
Beyond that, Application Control and Ringfencing ensure only trusted applications can execute, and even those are tightly restricted in what they can access or spawn, drastically reducing the risk of lateral movement or zero-day exploitation.
Considering recent events, such as the SharePoint zero-day breach (July 2025), where attackers exploited a server-side flaw to steal encryption keys and plant persistent backdoors, ThreatLocker Network Control becomes especially vital. This product enables organisations to limit outbound and inbound traffic at the application level, ensuring that even if a zero-day exploit is triggered, the process is prevented from communicating with the internet, exfiltrating data, or reaching command-and-control servers. It can block unknown IPs, unauthorised protocols, or non-business critical connections, stopping the attack chain cold.
ThreatLocker Detect further strengthens the stack by monitoring behavioural indicators, such as PowerShell use, unauthorised user changes, or suspicious log activity, providing real-time alerts even on legacy systems like Windows 10.
Today, ThreatLocker protects over 54,000 organisations globally, showing that it’s not just a transition tool; it’s an enterprise-grade endpoint defence platform that bridges the security gap for ageing systems approaching the end of support.
Together, these tools form a modern zero-trust stack that helps defend unsupported environments from both opportunistic malware and state-level actors, with controls that don’t rely on reactive patching, but on proactive containment.
July/August 2025 | 37