May 22, 2015

How much of a risk remains of new security flaws being found in Windows Server 2003?

Windows Server 2003 has been around for over a decade. There have been many patches over the years. After all this time, is it possible that the serious flaws have all been discovered and patched, so that there actually is very little risk after extended support comes to an end? This is somewhat theoretical, I know, but at the same time, there are about to be thousands of WS2003 instances out there that won’t be getting any more updates.
It's way past time to move to an alternative to Windows Server 2003, and the risk of using it will continue to grow as time goes by. Time to dump it and move on.
When Microsoft began its push to get people to migrate in 2014, it noted that there had been 37 bug fixes in the prior year (2013). I don't have 2014 numbers, but if Microsoft was issuing fixes at a rate of three per month a decade after the OS was released, it's safe to assume it's not bulletproof and that more holes will be found. After July 14, they won't be fixed.
Answer this