Heads-up: Changes to Duo's Windows Policy incoming


#1

Effective today, November 14, 2018, Duo is changing which versions of Windows are considered End of Life (EOL) in our Policy Engine to align with Windows Extended Support definitions. Before this change, Windows 8, Windows 7, and other older versions were treated as EOL. After this change, Windows 10, Windows 8.1, and Windows 7 will be considered supported, while Windows 8 and other older versions will continue to be considered EOL.

If you use policies to block or warn Windows 7 devices, we encourage you to consider how this will impact your security posture. This change will allow previously-blocked Windows 7 devices to gain access. If you want to continue blocking or warning Windows 7 devices, you will need to update your policy configuration.

Specifically, we are making the following changes to our Windows Operating System policy control:

  • Updating our definition of “End-of-Life” to match “End-of-Extended-Support” instead of “End-of-Mainstream-Support” as prescribed by Microsoft’s Fixed Lifecycle Policy. This will change Windows 7 from EOL to Supported. We feel comfortable making this change because Microsoft continues to push security updates to systems running those versions of the OS. With this change, starting today, November 14, Duo will consider:
    • Windows 7 to be be supported until January 12, 2020
    • Windows 8.1 to be supported until January 10, 2023
  • Starting today, November 14, the Duo policy control for Windows Operating System will be updated to reflect this change. When configuring OS policies in the Admin Panel you will see that EOL versions are Windows 8, Windows Vista, and below, but no longer Windows 7.

Please let us know if you have any questions or concerns about this process.