Since July 14 2015, Microsoft is no longer issuing security updates for any version of Windows Server 2003.
If you are still running Windows Server 2003 in your business, you need to take steps now to plan and execute a migration strategy to protect your infrastructure and applications. By migrating to Windows Server 2012 R2, you can achieve concrete benefits, including improved security and performance, reduced maintenance requirements and increased agility and speed of response to the business.
Customers that have delayed updating and modernising their Windows Server 2003 installations are facing a harsh reality: The end of extended support was on July 14, 2015.
Windows Server 2003 is in the extended support phase, which offers a continuation of certain mainstream support items such as paid per-incident support, security updates, and ongoing use of the Microsoft Knowledge Base. However, during the extended support cycle, non-security hotfix support terminates, no-charge incident support is eliminated, and design changes and feature requests are no longer offered.
The end of support has significant implications for clients with Windows Server 2003 installations. These systems fall into a non-supported mode, meaning there are no further security fixes, there is no incident support available from Microsoft, and, equally important, servers used in environments requiring regulatory compliance may find it impossible to meet regulatory requirements, leading to an out-of-compliance condition.
Some Key Concerns Customers Face:
- Lack of patches/updates/non-security fixes. No-cost, non-security-related update support terminated on July 13, 2010. However, support for non-security-related updates was available on a for-fee basis to customers that felt it was important to continue to have access to fixes that could help their system run optimally and perform well.
- Elimination of security fixes. Customers see security fixes as being among the most critical fixes for their installed servers. These fixes will no longer be delivered to customers for their Windows Server 2003 servers, regardless of how severe a given issue may be. This may be less of a problem with many aging Windows Server 2003 applications, mainly because the applications still in use are increasingly likely to be inward facing rather than outward facing.
- Lack of support. Customers no longer have the ability to contact Microsoft for technical support in the event of a server problem. This becomes particularly important when a system experiences an outage and customers are unable to restore the system and recover data and applications from the stalled machine.
- Application support challenges. Application ISVs dislike having a complex support matrix and typically support current versions along with a finite number of earlier editions of the product. For most ISVs, an 11-year-old application is probably already past its rational support life cycle, and in most cases, these application ISVs are about to discontinue or have already discontinued support for aging operating system environments such as Windows Server 2003.
- Compliance issues. Customers in regulated industries or handling regulated data, including healthcare and payment card industry (PCI) data, may find that they are out of compliance, which could mean fines or being cut off from key trading partners that seek to protect their own regulatory compliance status.