Using obsolete software

Once computer software reaches the end of its life, the software vendor can no longer supply updates and patches, subjecting your computer to security risks. Be sure your software isn’t obsolete, and keep an eye out for upgrade information from the Computing Sector. Photo: debs-eye

Has this ever happened to you? You have some computer software, either an operating system or an application, that has been working reliably for you for many years. Suddenly you receive a notice that the version of the software you are using is no longer supported and that you need to update to a more modern version. You follow instructions and successfully install the updated software. But then all sorts of things start going wrong: Previously working applications break, and the new look and feel is completely irritating. You resolve never to update working systems again.

Unfortunately, not performing timely updates can have even worse consequences, and it’s against laboratory policy. Fermilab continues to support old software as long as vendors continue to supply security patches for any bugs that are found. But when software versions reach end of life, the vendors will stop supplying fixes, and this creates a serious problem.

Bugs constantly turn up in virtually all software, and many of these bugs represent security risks if left unpatched. The bugs often allow unauthorized users to run their own code on your system. Bugs in software versions still under vendor support are fixed promptly, preventing infections, but bugs in obsolete software remain unfixed and subject to exploitation.

Dates for software reaching end-of-life status are normally announced well in advance. This allows IT support staff to thoroughly evaluate the new versions before scheduling software updates. Every attempt is made to ensure that necessary applications will continue to run on the updated systems.

This is particularly relevant now because several widely used software systems are reaching end of life quite soon. These include:

  • Windows XP (as well as Office 2003): Target end of use at Fermilab is Feb. 14; end of life is on April 8. Users should upgrade to Windows 7.
  • Mac OS: OS 10.6 (Snow Leopard) is already out of support, and target end of use is Feb 14. Users should upgrade to OS 10.7 or 10.8 (Lion or Mountain Lion).
  • Java version 6 is already out of support.

Watch for and please pay attention to email from your Computing Sector business analyst regarding updating these software programs. Business analysts for your division, section or center have instructions for handling upgrades or replacing obsolete systems. Please cooperate when you are asked to upgrade your systems. Despite the potential inconvenience, it is too dangerous to allow obsolete software to remain visible on the Fermilab network after end-of-life dates.

Irwin Gaines