Why should I start to replace Windows Server 2003?

Windows Server 2003 is a very good operating system from Microsoft, and we're relying on it on a daily basis.
I have heard that I should replace it with something "newer" and more "modern".

Why should I do this?
What are the implications if I don't upgrade?


While Windows Server 2003 was a very good Operating System for quite some time, it will reach its End of Extended Support life on July 14th, 2015.

While mainstream support gives you free security updates, service packs, non-security related hotfixes and a wealth of other stuff, the extended support phase reduces this to security update support and no new features/service-packs.

The end of extended support then basically marks the end of the product lifecycle, where there are no new security updates published by Microsoft for free. Depending on the product, there is the possibility to extend this time period by some time, but it's very expensive.

(Refer to the Product Lifecycle FAQ @ Microsoft)

What does that mean for you?

If a security issue is found in Windows Server 2003 after July 14th, 2015, Microsoft will not issue a patch to fix the issue. Your server will be vulnerable - forever - from that point on forward.

We have seen and learned with Windows XP that, even after months of awareness campaigns, there are still a lot of Windows XP installations out there, even months after its end of extended support. These systems are and remain vulnerable to current and future threats. (Refer to the Qualys Blog.)

It is therefore strongly recommended and definitely best practice to upgrade those systems before July 14th, 2015. Start now.


A word about security (in response to a comment): software out of maintenance does not get security updates so such operating systems and software stacks must be kept carefully separated with this in mind. Such systems and the services they provide should not be directly accessible to users.

This means the answer is different if the servers are performing some back-end function or directly serving users. Upgrade file servers, mail servers and others that users directly use or are connected directly to the network. Evaluate back-end servers that do back-end tasks and are not directly accessible by users.

In the past, the one reason to upgrade an OS was that eventually new hardware doesn't support the older OS and a needed software component doesn't run on the newer OS or misbehaves. You're then left with trying to find hardware that works or doing major changes to the software stack (replacing one component often leads to having to replace others as well).

This is no longer the case for server operating systems for the same reason it hasn't been true for mainframes for decades: virtualization allows you to run older operating systems and software stacks on new hardware.

The other reason is to take advantage of new features in the OS or software components now or in the future. If a software stack ages in place too long it becomes increasingly difficult to upgrade.