Microsoft is ending support for Windows Server 2003 on 14 July 2015. Servers running this version of windows will function but will no longer receive security updates & support. It is likely software suppliers will also pull support for Windows Server 2003 next year. This means that your current applications will run, but that future versions will not.
Companies who do not upgrade could be left exposed if any vulnerabilities are discovered after 14 July 2015. That means that if something like the recent SSL 3.0 vulnerability was to happen again, there won’t be an emergency patch released by Microsoft to close that vulnerability. As we’ve seen with several recent well known vulnerabilities such as heartbleed and shellshock, there can be widely exploitable vulnerabilities in code that’s been around for a long time.
Then there’s the compliance issue. While most businesses don’t spend much time thinking about compliance, much legislation is very specific about whether organizations are meeting their responsibilities if they are running unsupported software.
All our customer have already been upgraded ahead of the deadline, but if your organisation is still running Windows Server 2003 please get in touch and we can advise on how you could upgrade.
Paul November 14th, 2014