Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Microsoft Operating Systems Software Windows Technology

Windows 7 RTM Support Ending Soon 173

jones_supa writes with this news from Ars Technica: "Windows 7 users will have to install Service Pack 1 if they want to continue to receive security fixes and other support beyond April 9th. With the release of a Service Pack, Microsoft's policy is to support the old version for two years. Windows 7 Service Pack 1 was released on 22nd February, 2011, so the phasing out of support is happening more or less on schedule. In spite of a growing number of post-Service Pack 1 fixes and updates, Microsoft has shown no signs of shipping a second Service Pack. Should Service Pack 1 be the sole major update for Windows 7, it will continue to receive mainstream support — which encompasses both security updates, non-security bugfixes, and free phone support — until 13th January 2015. Extended support — security fixes and paid incidents only — will continue until 14th January 2020."
This discussion has been archived. No new comments can be posted.

Windows 7 RTM Support Ending Soon

Comments Filter:
  • you are an idiot (Score:5, Insightful)

    by arbiter1 ( 1204146 ) on Saturday February 16, 2013 @04:45AM (#42920405)
    If you don't have service pack 1 installed you are an idiot anyway to run a non-updated system.
    • Re:you are an idiot (Score:5, Informative)

      by kthreadd ( 1558445 ) on Saturday February 16, 2013 @04:56AM (#42920435)

      Well just because you're on Windows 7 RTM doen not mean that you're not updated. Windows 7 RTM receives security updates since it is still a supported version of Windows 7, but you should install SP1 in order to keep receiving them after April 9. Windows 7 RTM and Windows 7 SP1 lives side by side in parallel, and the release of SP1 did not mean that RTM stopped receiving updates.

      • by UltraZelda64 ( 2309504 ) on Saturday February 16, 2013 @05:29AM (#42920573)

        And I always thought "service pack" was just Microsoft slang for "patch roll-up." Apparently I was wrong. In this case, I don't see why Microsoft continues to develop two separate lines of what is basically the exact same OS, patch by patch. Sure, help the businesses that want time to test... fine, but it's still stupid to maintain two bases for so long, when they are essentially the same damn thing. It's more likely that third party programs are going to fuck up on you, and in my experience that does seem to be where the problems often lie.

        • Re:you are an idiot (Score:5, Informative)

          by kthreadd ( 1558445 ) on Saturday February 16, 2013 @05:44AM (#42920605)

          A service pack will often include some new features, and has actually sometimes removed features. For example Windows XP SP2 removed the support for raw sockets. A service pack can introduce braking changes. That's why there is a fairly large overlap between the old and new service release.

        • Re:you are an idiot (Score:5, Informative)

          by TimothyDavis ( 1124707 ) <tumuchspaam@hotmail.com> on Saturday February 16, 2013 @08:12PM (#42924759)

          I can add some clarity to this.

          When Windows reaches RTM, the ownership of support is handed off from the Windows team to the Windows Sustained Engineering (WinSE) team. Two code branches are opened up for creating QFEs, a Limited Distribution Release (LDR) branch, and a General Distribution Release (GDR) branch.

          The GDR branch is used for updates that are going wide to all users, which include security updates and high impact updates. Depending on the severity of the QFE, it might be posted to Windows Update as a security update, or alternatively it would be provided to OEMs to preinstall on shipping systems to resolve a specific issue.

          The LDR branch is used for updates that aren't going to be distributed to a wide audience. This might be something like a QFE that fixes a bug that some enterprise customer is seeing, but doesn't have much applicabilty to the majority of Winodws users. Microsoft doesn't want to distribute an update like this wide, because there is a risk that it will cause regressions for other users. Every update in the GDR branch is also put into the LDR branch, because ultimately the user is going to be running a single instance of the binary file, and so it better have all of the security updates included if it is going to also fix issues of lesser importance

          When you go to Windows Update and install a QFE, the package that you install usually contains at least two versions of the applicable binaries: One from the LDR branch, and one from the GDR branch. The hotfix installer will look at what is currently on system, and if you have the LDR version of the binary already installed, the hotfix installer will update with the corresponding LDR binary. The effect is that once you install an LDR update, you are now on the LDR branch for that binary for all future updates - that is, until the next service pack release.

          The service pack is a release that includes all updates from the LDR and GDR branches rolled up into one major release. Pre-release versions of service packs are provided to enterprises for testing, and to see if any of the updates that were put into the LDR branch break anything. This gives the enterprise and Microsoft time to address the issue and fix it for the final service pack release.

          Since not all enterprises participate in full testing of the service pack, there may be things that end up in the final version that can break things. This is why Microsoft will continue to support the pre|prior service pack release with security updates for a time, so that these issues can be resolved. At some future time, the pre|prior service pack becomes no longer supported, which is what TFA is all about.

      • by jjjhs ( 2009156 )
        Microsoft releases countless hotfixes for bugs for Windows that aren't released through Windows Update. They maintain separate branches, one is just security fixes that you get in Windows Updates and one is cumulative bug fixes that also includes security fixes (QFE) but you have to visit the particular KB article to download (in some cases request for free). Windows Update is smart, if you download the bug fix + security fix (QFE) it knows to install a newer QFE version of the file. Service packs incorpor
      • But IIRC not every patch that is in a Windows SP gets released as a separate patch in Windows Update, there are some that can only be found by hunting through the KBs which frankly is a bigger pain in the ass than just installing the SP. Honestly I've installed a shitload of Windows 7 systems since SP1 and I haven't run into a single problem with it yet, granted I use WSUS Offline so I don't have to reboot a dozen times but at the end of the day all that matters is if the system is 100% after the SP and so

    • by hairyfeet ( 841228 ) <bassbeast1968 AT gmail DOT com> on Saturday February 16, 2013 @05:42AM (#42920599) Journal

      Why is this flamebait? Do you know how many security patches are in the average Windows SP? I'm sorry but anybody who has waited this long and not applied SP1 is indeed an idiot because every script kiddie on the planet uses those patches and SPs to reverse engineer new exploits specifically targeting fools that don't update the thing.

      That said just because you need to apply an SP or a shitload of patches doesn't mean you have to do it the stupid way, not when there is WSUS Offline [wsusoffline.net] which will let you download and unattended install the service pack AND all the patches AND all the .NET updates AND any MS Office SPs and updates from 2K3-2K10 AND update DirectX AND Silverlight AND Windows media player AND Ineternet explorer, all at once and unattended. Granted if you are doing a clean install of RTM you'll probably have to run it twice of be sure to turn off UAC until you are done as it can't reboot and re-run itself with UAC on but for all the benefits of having everything done automatically while you go have lunch its well worth that tiny bit of effort.

      So there really is no excuse as between WSUS and Ninite [ninite.com] for all your third party stuff unattended, like flash, hulu, your choice of several browsers and AVs, etc you can take a bare drive and have a fully loaded fully patched Win 7 system in less than an hour and a half with you only being required for maybe 5 clicks all told, everything is taken care of.

      So I'm sorry but the parent is right, anybody that doesn't install SP1 is an idiot, they might as well turn off their firewall and take their unpatched IE and start surfing dodgy websites because they are frankly asking for it.

      • Re: (Score:2, Informative)

        by Anonymous Coward

        Windows 7 RTM is NOT unpatched. It receives security updates just like any other supported version of Windows. See above discussion. If you read TFA you see that what it's all about is that RTM will soon no longer receive those updates.

        • by jjjhs ( 2009156 )
          Service packs are more than just security updates.
          • so what? what purpose do these "extra features" serve for someone already getting all the functionality they need? why not just stick with security patches instead of layering on bloat?

            • Uhhh...Win 7 is one of the LEAST bloated OSes MSFT ever put out and looking at SP1 honestly there wasn't hardly anything that couldn't be considered security related in it, such as adding some more firewall rules for corner cases MSFT had encountered through user reports.

              The ONLY ones I've seen claim Win 7 is bloated frankly doesn't understand how caching and the new memory model works and then are shocked when Win 7 shows through task manager that they have no RAM when they actually do. in fact if you pu

            • bloat

              Can we please all agree to stop using this lame weasel word. Thanks.

      • every script kiddie on the planet uses those patches and SPs to reverse engineer new exploits

        >Pictures script kiddies with actual engineering skills *shudder*

        • Actually between all the new GUI tools and the exploit kits it really don't take much skill to learn how to do a basic tear down of a binary anymore. Its the classic "smart cow" problem in that it only takes one person to figure out the hard stuff, like how to write a GUI that does the task, and then the rest can simply use the smart ones tools to do the job.

          But anybody that actually has to clean infected systems will tell you that after every patch Tuesday a count down starts and between 2 weeks and 2 mo

      • It's pretty clear you don't understand what a Windows Service Pack is and is not, despite you calling other people idiots in your ignorance. So allow me to attempt to correct your misconceptions.

        Do you know how many security patches are in the average Windows SP?
        Yes, all the ones that had previously been released for the given version of Windows up to the time of release of the Service Pack. Service Packs are not, nor ever have been, a sole source for the installation of security updates. They offer a co

        • Oh please i know EXACTLY who the patches is for, I support SMBs and they are some of my best customers so I've been there, done that. That doesn't change my point that its going on 2 YEARS, if they haven't come out with a migration plan after testing it on a test bed by now? Then they aren't going to, no point in MSFT wasting time supporting them. After all how many businesses are still running XP which has several security weaknesses like its desire to always be run as admin that just can't be fixed? is MS

    • by Anonymous Coward

      If you don't have service pack 1 installed you are an idiot anyway to run a non-updated system.

      Yeah, because we all know that running Windows in an offline environment or closed network is an impossible scenario.

      Seems I've got over a dozen of those impossibilities running right now.

      As far as who is the bigger idiot, I'll leave that to the security community as to which one of us is more vulnerable (or gullible); You online with your "updated" system (which has historically protected Windows so well), or me offline with my outdated system.

      Good luck out there with your "mighty" Defender shield.

    • by Dunbal ( 464142 ) *
      Yup, I mean preaching about not being able to get updates to people who haven't updated their system is a bit - redundant.
    • Re:you are an idiot (Score:4, Informative)

      by egamma ( 572162 ) <{moc.liamg} {ta} {ammage}> on Saturday February 16, 2013 @11:04AM (#42921715)

      If you don't have service pack 1 installed you are an idiot anyway to run a non-updated system.

      There was almost zero benefits in SP1 for the average home user. Users can install all the needed security updates separately; in fact, this is often recommended, to reduce the size of the service pack download. Win7 received SP1 because Server 2008R2 needed the contents of the service pack.Here's what's in it for Win7:
      Additional support for communication with third-party federation services (those supporting the WS-Federation passive profile protocol)
      Improved HDMI audio device performance
      Corrected behavior when printing mixed-orientation XPS documents
      Change to behavior of “Restore previous folders at logon” functionality
      Enhanced support for additional identities in RRAS and IPsec
      Support for Advanced Vector Extensions (AVX)
      Improved Support for Advanced Format (512e) Storage Devices (devices with 4kb physical sectors)

    • If you don't have service pack 1 installed you are an idiot anyway to run a non-updated system.

      I don't have Win 7 SP 1 because my company still uses XP, you insensitive clod!

  • looks like (Score:5, Funny)

    by Anonymous Coward on Saturday February 16, 2013 @04:50AM (#42920425)

    2015 - year of the linux desktop

    • by slashdot_commentator ( 444053 ) on Saturday February 16, 2013 @05:43AM (#42920603) Journal

      Of course, no one is going to notice, since everyone will be using cloud computing accounts.

      • Re:looks like (Score:5, Insightful)

        by crutchy ( 1949900 ) on Saturday February 16, 2013 @06:52AM (#42920813)

        lucky for them much of the cloud is powered by linux

        • Big deal. Policy, not method, is the problem.

          • "year of the linux desktop" has been an inside joke for years, but a decent chunk of the modern world depends on linux already (often without even realising it), which is why i would argue that "year of the linux desktop" doesn't even really matter because linux has already made its mark and is increasing its domination

            microsoft and apple may win their little battles, but linux has the war beat with one hand tied behind its back

            policy of cloud usage is a problem, but i think the problems can be solved. i al

      • By 2015, I'm hoping to have my Cloud 2.0 business off the ground.

        It'll be much like now, only with more Flash.

    • when i read "windows rtm" the first thing that came to mind was "read the manual"

      maybe linux ideology is already infiltrating... by stealth :)

      • by SST-206 ( 699646 )

        when i read "windows rtm" the first thing that came to mind was "read the manual"

        The manual? They'll be expecting us to RTFA next! ; )

    • by Kjella ( 173770 )

      You know, it could have been... Windows 8 is slow out the gates, it's still stuck in the "other" category on StatCounter which last week was 4.48%, I'm guessing 4% Win8 as there's always been half a percent other while at the same time after release Win7 had 10% uptake. If Linux had been ready this is probably as good a time as the Vista launch. Macs have slowly been chipping away at Windows' market share and will probably take another upswing as Microsoft is busy pushing touch-laptops/tablets/hybrids, whil

  • by c0lo ( 1497653 ) on Saturday February 16, 2013 @04:52AM (#42920429)
    Now, look, MS... I don't know what's in your mind lately, by I get better support from other [wikipedia.org] operating systems.
    • Re:(groan) (Score:5, Informative)

      by kthreadd ( 1558445 ) on Saturday February 16, 2013 @04:58AM (#42920457)

      Windows 7 SP1 has been out for nearly three years now. That's a very reasonable time to update, especially since the update is free to Windows 7 RTM users and in general should not break any software compatibility. So I don't get what the problem of dropping support for RTM would be.

      • by c0lo ( 1497653 )

        Windows 7 SP1 has been out for nearly three years now... So I don't get what the problem of dropping support for RTM would be.

        Let me explain loud and clear... whoOOOoosh!
        You got it now?

        (besides, the OS I pointed to has a stellar [slashdot.org] level of support by comparison)

        • Re: (Score:3, Insightful)

          by hairyfeet ( 841228 )

          But you and everyone else is ignoring the elephant in the room, the same one that causes me to this very day to have infected system cross my desk that are still running XP SP2, and that is piracy.

          The reason why so many unpatched Windows systems exists is because the pirates kill Windows Updates for fear that their pirated system will get flagged for WGA. Now this is a case where I can't blame MSFT, you can buy an OEM copy of Win 7 Home for around $100 which equals just $14 a year for the life of the OS, so

          • by c0lo ( 1497653 )

            But you and everyone else is ignoring the elephant in the room, the same one that causes me to this very day to have infected system cross my desk that are still running XP SP2, and that is piracy.

            Au contraire, mon ami, au contraire, I'm not ignoring piracy. In fact, I'm so convinced that copyright should protect honest work that I decided it's better for me to use products not made by MS.

            But considering the only systems I don't see patched after SP1 was released nearly 3 years ago is pirate systems I just can't blame MSFT for dropping support as pretty much all that is left without SP1 is the pirates it seems.

            (friendly kidding now) Well, has been quite a while since I used a MS OS... but somehow I still can't believe that the pirated systems using MS OSes IS actually a single one - if true, either MS is doing great financially or is totally busted.

          • by mcgrew ( 92797 ) *

            If you're running pirated software you're probably pre-rooted anyway.

            • Actually the pirated versions are virus free, I know it shocked the hell out of me too but I was handed a couple of copies of Win 7 (all version X86 and X64) by a friend who wanted to know how many bugs they had, the answer? None, unless they are the most brilliant bug writers that have ever lived and can fool over a half a dozen scanners which I have yet to see any bug pull off. Hell even Comodo gave it a clean bill of health and that is one of the most "err on the side of caution" scanners I've ever seen,

              • by mcgrew ( 92797 ) *

                A virus scanner will only detect known viruses. The hack you mentioned could do anything it wants and no scanner will detect it, because it isn't a virus, it's built in. The only way I could trust it is with a third party checksum like Linux distros use, and the hack came as source code you compiled yourself.

                I agree with you about pricing and piracy, I felt really ripped off paying $125 for XP that was a must-install because I lost my driver disks and no W98 drivers were available after my daughter installe

  • by tsotha ( 720379 ) on Saturday February 16, 2013 @04:57AM (#42920447)
    I think I can make it to the next bearable version of Windows, assuming they keep following the "every other version is crap" strategy. There's no way I'm every going to buy the mobile operating system they've released for my desktop.
    • In the meantime, there are always tools like http://www.wsusoffline.net/ [wsusoffline.net] to roll one's own Service Pack 2 in case a new install becomes necessary (English introduction is below the German one).

    • won't be long... microsoft knew long ago that w8 was a looming disaster so they'll be frantically trying to make up some new icons for w7 so they can rebrand it as w9.

      maybe it'll have some kind of new bastardized desktop icons resulting from a traditional icon having sex with a desktop widget to spawn something like those rediculous tiles in w8... maybe to at least attempt to avoid appearing like a complete backflip

    • by bazorg ( 911295 )

      There's no way I'm every going to buy the mobile operating system they've released for my desktop.

      so you honestly believe that the Metro UI, the app market and the other desktop->mobile OS changes from W7 to W8 will all be temporary and removed in W9? I'd suggest to anyone avoiding Metro to try the Skype and eBay apps in Windows 8 before deciding that W8 and "mobile-ification" is a dead end.

      • by epyT-R ( 613989 )

        It's not application availability, it's the interface itself that sucks for desktop work. skype and ebay are hardly the bread and butter of someone using a desktop machine...and since when does a website really 'need' an 'app' in the first place? It's redundant and done more for marketing than anything else. They want to see their icon on your 'mobile desktop.'.. woohoo..

    • The good news is you won't have to wait long. [zdnet.com] Windows is moving to an annual release cadence.

      There's no way I'm every going to buy the mobile operating system they've released for my desktop.

      The bad news for you is the desktop is dead. The writing has been on the wall for years.

      • by tsotha ( 720379 )

        The bad news for you is the desktop is dead. The writing has been on the wall for years.

        This is nonsense. Netbooks and tablets are useless for serious work. You're not going to get cubicle dwellers to tolerate tiny screens and tiny and/or missing keyboards. There has been a slight decrease in the number of desktops shipped, but I could argue that's as much because we've reached a plateau on CPU speed and businesses have realized you don't need to replace them every two years.

        As for home users, well, mos

  • by AbRASiON ( 589899 ) * on Saturday February 16, 2013 @05:14AM (#42920517) Journal

    I'm one of those "sympathisers" here who doesn't loathe Microsoft.
    Hot damn though, anyone here who does install Win7 SP1 regularly (as I do) there's about 2 to 300mb of patches and at least..70 or so of the bastards, they take forever to install as well (disk thrash)

    For goodness sakes, just release SP2 already you bastards.

    • Mentioned it above, but just use http://www.wsusoffline.net/ [wsusoffline.net] to roll your own WP2.

      • Is this one of those tools which downloads each individual required MSI / EXE to make an install directory, to install from?
        If so - it's still going to thrash the disk, more so than the offiical updater which downloads all, then installs one at a time.

        That's a lot of double clicking to install each file sequentially,...... we shouldn't have to do this.

        • It grabs all the available updates and creates an up-to-date image that can be written to an external media for automated updates.
          In the end, it's just like an offline Service Pack, only that you don't need to wait for the guys in Redmond to finally get their asses moving.

        • by hairyfeet ( 841228 ) <bassbeast1968 AT gmail DOT com> on Saturday February 16, 2013 @06:05AM (#42920687) Journal

          Nope it only downloads them ONCE and that is it, you can do a thousand installs from that one WSUS Offline install. I keep it on a shared drive with every SP and update from XP-Win 7 and thanks to WSUS this includes the MS Office SPs and updates, .NET installs and patches, WMP and IE patches, all in one simple shared folder. I can even tell it to say "just make me an installer with all the Win 7 patches along with MS Office 2K7 and all the extras and put it on this flash stick" and it'll do so, great little tool to have. And when you run it its all unattended, no having to click each update, and if you turn off UAC while it runs it'll even reboot and do a double check just to make sure there aren't any later patches you need that have to be installed after the SP1 reboot, just handy as hell if you need to install Windows clean.

          Of course since I have every version of Windows I see in the shop plus every version of MS Office I see plus all the goodies that shared folder is now 11.3GB but considering I can have it copy just the patches I need for what I'm working on and drive space is cheap i honestly don't care, all that bandwidth used for updating a clean install of Windows is saved so its well worth a lousy 11.3GB on a 500GB shared drive to me.

      • If it's so easy to make your own service pack, why does MS release service packs so infrequently? There has to be a catch.

        Then again, given how extensively XP is used, there really should have been a SP4, and it would really be nice if there would be an EOL Service Pack when support is finally dumped. I still maintain a few XP systems, and starting with SP3 (or even an nLite slipstream) can be a pain.

    • Just use dism.exe (Score:5, Informative)

      by benjymouse ( 756774 ) on Saturday February 16, 2013 @05:37AM (#42920585)

      Use dism.exe. It will let you capture freshly installed machine - even with installed applications - back into an install image, i.e. slipstreaming. From the install image it will work exectly like the original image, only it will have all of the installed service packs, updates and patches already installed.

    • Re: (Score:2, Funny)

      by Mashiki ( 184564 )

      For goodness sakes, just release SP2 already you bastards.

      It's called Windows 8, with the damned awful metro UI removed.

    • Actually, after Service Pack 1, most of the updates are what I call cumulative updates--the additional patch files are probably going to be less than you think, especially for Internet Explorer and the .NET Framework files.

    • by mcgrew ( 92797 ) *

      I'm one of those "sympathisers" here who doesn't loathe Microsoft... For goodness sakes, just release SP2 already you bastards.

      My head just asploded.

  • Are they going to start telling us to RTFM?

  • When WinXP was at its life cycle, there was only Vista so nobody wanted to upgrade. There was a HUGE customer demand for Microsoft to continue support, and Microsoft listened. With Win8 being a poo pile and I expect Win9 will not be much better. Will Microsoft listen to to the customers again or will they cut their own throat?
  • 5 hours (Score:5, Funny)

    by dshk ( 838175 ) on Saturday February 16, 2013 @08:34AM (#42921143)
    I recently installed Windows 7 on two machines. It took 5 hours on both machines to download, setup all patches. It restarted itself about 15 times. The Windows update process is ridiculous.
    • Re: (Score:2, Insightful)

      by mcgrew ( 92797 ) *

      I recently installed Windows 7 on two machines. It took 5 hours on both machines to download, setup all patches. It restarted itself about 15 times.

      I recently reinstalled kubuntu 10.04 because 12 sucked. It took half an hour, only one reboot. Strange that a free OS is so superior to an expensive one.

      • Kubuntu 10.04 was the buggiest Linux distro I have ever run. KDE4 has come a long way since then.

        I'd recommend running the KDE version of the latest Linux Mint instead of that old crap.

        • by mcgrew ( 92797 ) *

          I actually plan to do just that. I backgraded to kubuntu 10 because I had an install CD handy, but have been planning to migrate to Mint for a while. Everyone seems to love it and I haven't heard anything bad at all about it.

        • by rdnetto ( 955205 )

          If you're going with KDE, I'm not really sure what the point of going with Mint is, other than to avoid Kubuntu. FWIW, I use switched from Kubuntu to Debian with KDE and have no regrets.

  • So when are they dropping support for Windows 8? With all the discussion about dropping support for 7 and XP, maybe I will go back to using Vista.
    • by cjjjer ( 530715 )
      The only reason XP lasted so long was due to its install base. Win7 has nowhere near that so I expected a shorter support timeline. Win8 will be more popular with mobile devices and we all know how that works (cough Google, cough Apple).

      And since Microsoft is now working on "Blue" http://www.theverge.com/2012/11/28/3693368/windows-blue-update-low-cost [theverge.com] we probably can expect the same thing from them as well. OS's will last as long as the hardware they were designed for and no more. This is how the futur
  • Not Surprising (Score:2, Interesting)

    I dropped my RFTM support for Windows after XP (and went with Linux), after MS decided to rename things and provide a near useless search function, since it does not include the old names in the search with links to newly re-named things.

    Linux might not be much better with the different init and configuration systems, but I am NOT going to paying in order to put up with that. It's especially not worth dropping a few thousand dollars to install Microsoft's OSs on all my systems if they're going to speed

  • The easiest thing Homeland Security can do is to force longer, deeper penetration of the latest security fixes for all consumer operating systems.
    It's amazing to me how anybody could feel comfortable applying 300mb of fixes. What the hell is in there that fixes security?
    1) Mandate absolute transparency and allow user to select downloading and installation only of security-critical code.
    2) Force manufacturers not to add in anything else to those portions that are really security-critical.
    3) Create a list of vulnerabilities that is updated daily, and grade operating systems against whether they have fixes for them. If they believe in obscurity they must still give a code-name for the vulnerability and security researchers must be told what they mean, show the code and allow them to vet how well the vulnerability was fixed. An automated scoreboard and forum could be developed that aggregates the results of this distributed attack on peevishness by companies like microsoft and oracle who leave huge numbers of fixes unpatched until a good PR moment.
    4) Force manufacturers to continue providing fixes (security patches only) to all users. It is not reasonable to allow the majority of the market to become a time-bomb and individual businesses, private users are held hostage.
    5) In the case of an open source / community developed distribution, provide the same guidelines and services as is done by Homeland Cybersecurity for commercial vendors, however forcing a community is impossible. Instead a community or a manufacturer (like RedHat) can at least be graded on its response and the availability in an open repository of the required fixes.
    6) Do all this for applications, libraries and drivers, not just operating systems.
    7) Do this for routers
    8) Do this for websites.
    9) Define security and the maintenance of security as a process requiring transparency by manufacturers in order to encourage users to adopt patches and make them easier to download.
    10) Provide help, guidance and code to community distros and programming teams who can choose to use it, which will make it easier to more frequently issue security patches. It should be a lot easier for users (even on linux) to maintain an up to date system without worry of something breaking or being unable to back up settings, data, etc.

    The responses of Microsoft and Oracle to the security realities confronting their customers is pathetic, medieval and takes advantage of general apathy and cluelessness. The result is a never-ending pool of machines vulnerable to every attack to appear in the wild.

    This would remove a huge amount

Air is water with holes in it.