Skip to end of metadata
Go to start of metadata

Alerts

No Alerts at this time.

E-mail: security@lbl.gov

Windows Server 2003 Disallowed

Background

Microsoft's support for Windows Server 2003 ends on July 14, 2015.  This operating system will no longer be possible to secure, since Microsoft will not provide security patches. Windows 2003 will become increasingly vulnerable to online threats such as viruses and hackers. 

Options

How to upgrade

The most straightforward option is to upgrade to Windows Server 2012 R2.  There is no in-place upgrade path from 2003 to 2012.  You will have to perform a clean install. You can upgrade in-place from 2003 to 2008.  Generally, we do not recommend an in-place upgrade, a clean install is best.

Exceptions 

We expect very few exceptions. Unlike Windows XP, which controls many instruments, we know of few cases where Windows Server 2003 is specifically required.  If you think you have a case for an exceptions (e.g. controls expensive equipment) please email security@lbl.gov with details.

FAQ

  1. When will LBNL block Windows Server 2003 computers?

    Aug 17, 2015
     
  2. How will LBNL block Window Server 2003?

    • DHCP computers will be denied boot, preventing all network access.  
    • Static IP address computers will be blocked from all network access (null routed). 

  3. What about wireless?

    All of the details and plans above apply to the wireless network as well.
     
  4. How does LBNL know if a computer is Windows Server 2003?

    We have several techniques in place to track which computers are running Windows Server 2003, including nmap OS fingerprint, Bro policies, and records in various institutional Windows management systems (e.g. AD, WSUS, and BigFix).
     

References