[CrLf]

And one might argue they are taking the sane approach to the upgrade treadmill. It's easy to forget technology is supposed to solve real problems and that there's no economic incentive to use new toys to solve already solved problems, possibly introducing new issues with less well-known solutions.

The fact businesses are extending the life of systems not because they are unwilling to invest in upgrades but because they work just fine is a sign that the industry has reached a good level of maturity. It's a good thing. We should all be working collectively to solve new problems instead of reiterating over the same problems again and again.

In the old days of NT4 a 4-year old system would accumulate maintenance costs. Today, Windows 2003 is 13 years old and still pretty serviceable.

I'd be more worried about businesses accumulating unsustainable technical debt than accumulating old (but stable) technologies.

[illumin8]

Windows 2003 is end of support life and you aren't receiving security patches unless you're paying Microsoft a huge amount of money for extended support.

One might argue that it's insane to run a 13 year old OS that is not getting security updates any more at your business.

[CrLf]

Windows 2003 is EOL because Microsoft wants to push customers to the latest version. Customers have been pushing back at this for a while now, but Microsoft (and other vendors) makes more money selling the new shiny than extending their products' lifecycle.

In an ideal world, operating systems (server and desktop alike) would already be on a 5-year release cycle with just yearly incremental upgrades in between (as much as the vendor can manage in a service-pack model).

Is it insane to run systems without any security updates? Even within the lifecycle of the product many businesses never even patch after the initial install. I personally know people that live by this: never patch anything unless presented with proof that it's necessary to do so (I don't completely agree with this, but money has been lost catering for low-impact security updates and people tend to learn a few lessons from it).

Security is more about risk management than being free of vulnerabilities. The issue isn't going by without security updates, is doing so without assessing the risk.

[brazzledazzle]

Correct me if I'm wrong, but hasn't Microsoft introduced a lot of security features into the versions since 2003?

[poooogles]

>Today, Windows 2003 is 13 years old and still pretty serviceable.

Unless you're maintaining Server 2003 itself, at which point it comes with 13 years worth of problems.

[tammer]

Absolutely. I'm involved in systems design & IT strategy for a very large institution. By and large we've found literally zero advantages imparted to end users by Windows 10, besides being forced to deply it by MS deciding to early end-of-life Win7. Some cool features in Server 2016, but nothing that will affect a user's workflow in the slightest.

[duncans]

I was a bit of a Windows 7 stalwart until recently. I upgraded my parents' Vista machine to Windows 7 ... very sluggish. Thought I really needed to get them an SSD at some point. Then I upgraded it to Windows 10 on a whim - incredibly snappy. No need for SSD yet.

[tammer]

Sure, snappier on older hardware is a plus. But we've got a 4 year replacement cycle, and a slight increase in snappiness isn't what I'd call a major upgrade.

[CyberDildonics]

You dodged a $40 bullet there.

[toyg]

I absolutely agree! I guess my complaint is that MS is developing all this new stuff with no regards for the installed userbase -- they are all add-ons for Windows 10 and 2016 Server, rather than standalone cross-version apps that could be deployed sooner on existing infrastructure. It's obviously easier for them, but it means "normal people" will not be able to enjoy most of these advances for a very long time.