Security, Managed IT Service, Cloud

Server 2012- End of Support

February 15

According to the Microsoft official, Windows Server 2012/2012 R2 will reach its extended end of support date this year, October 10, 2023. A huge security risk can occur when using hardware that is no longer supported. We will cover what that means and steps you can take now to prevent encountering problems in the future. Organizations currently using one or more of these servers should begin planning, budgeting, and strategizing around how they will address their server environment.


Will Slappey
Hello and thank you for listening to Technology Simplified Tech talk everyone can understand. I'm your host Will Slappey, and today and I'm joined by Scott Curtis. Scott serves as a virtual Chief information officer here at IT Voice. He is passionate about client success and using technology to help them reach their goals. He is serious about network security and protecting businesses from holes that make them a target for cybercrime. 
A huge security risk can occur when using hardware that is no longer supported. Windows Server 2012 will be reaching end of support in October of this year. We will cover what that means and steps you can take now to prevent encountering problems as a result. So, Scott, Windows Server 2012, man, it's hard to believe that we will reach the end of support. I feel like yesterday that that was released.  By October 10, 2023, this year will be the end of support.
What exactly does that mean? To your average businessperson like, okay, what does end of support mean? 

Scott Curtis
Yeah, it's really three things. So, the first thing is, and really the most important is you no longer get security updates. One of the things that happens with a server operating system on a very regular basis is hackers find ways to get in, they find flaws in the system and the security updates patch those flaws. So as of October 10, this year, there's no more security updates. And going back in history, when we look at both server support and workstation operating systems that are no longer in support, as soon as October 10 date comes around, that's when the hackers start attacking.
So one example, and this is going way back is one, XP went out of Windows, XP went out of support. That was a hacker's playground for a year. Actually. When Server 2008 went out of support, that was another one. There was a year of just enormous hacking activity from that. So that that's big. You're also not going to get the regular operating system stability type updates. The things that keep the operating system stable, that's not going to happen anymore.
They just cut those updates off. And another big one, this is rare, but sometimes we, when we are supporting a client that has a server, we have to contact Microsoft in order to get corrupted files fixed or find out what the bug in the system is. That's not working properly. As of October 10, we can't call them anymore. There is no longer support calls for bugs and corrupted files, etc. They'll just say, sorry, look at the articles online and see what you can get. So those are really the big three things that happen.

Will Slappey
Yeah, for sure. One of the things you mentioned, XP, which I thought was a great example, but most people knew they were on XP because when it booted up, it would tell you, right? You would kind of constantly be informed of that, reminding you. You might have a business owner or somebody that's listening to this that is like “I have no idea”. I mean, we just call it the server, we just call it the Y drive, the P drive, the S drive, whatever and no idea. 
So how would they even find out easily if they potentially have an issue with an old server version?  How would they find out what the server version is? 

Scott Curtis
Yeah, you would want to log right into the server using your admin password and then just type in system and it'll pull up exactly what operating system is working on it.

Will Slappey
Right? And sometimes even if you're just looking at the screen, sometimes it'll even say it when you log in. You can go to the server to figure that out. So as a quick to do item for anybody listening out there is, obviously hopefully you've got an MSP or IT Director or person in house, whoever that might be, to handle the IT. Just ask them the question and if you don't have somebody then go yourself and take a look.
So one thing that a listener might wonder is like why is there a set end of service state? Why is that my car doesn't have an end of service date? And all of a sudden, it's like, okay, on October 10th, you can no longer use that old Honda Accord and it's done. So why don't the servers have an end date to begin with?

Scott Curtis
Yeah, there's really two reasons. One is that Microsoft has to put their research and development into the new stuff and they've got people dedicated to making sure that the server 2012 operating system is secure and safe. So, at some point they need to move those people over to another operating system to keep it secure and safe. So, it's just a smart business decision on Microsoft's part. And the other reason is totally selfish for Microsoft. They want you to get into a new operating system and buy it from them.

Will Slappey
Right. And what's the most current version operating system that's out there now?

Scott Curtis
From a server perspective, it's 2022. You get a new server operating system every three or four years is when they do a refresh on the operating systems.

Will Slappey
Yeah, to put in perspective for people listening out there, the one that is reaching end of service is four versions behind. At some point they do have to drop it off and that makes a lot of good sense. So, let's say someone is running their business off of one of these machines. They've got a 2012 server that's in house, it still functions, it's doing what it's supposed to be doing. Maybe they even say, you know what, we just use it for x. A lot of our stuff is on the cloud or whatever, but they're looking at it and just like, hey, it's working fine. We don't do a ton with it, whatever it might be. What's really the harm if it’s behind a firewall? What's really the harm with just letting it ride until it dies?

Scott Curtis
Well, once again, you have to go back to the security, because even if you have a firewall in place and even if there's antivirus on the server, there are ways in that are continually being patched right now and they're not going to be patched anymore. And hackers are going to take those exploits and run with them. And eventually, if they want to, they can get into your server. The security part is a big thing.
The other thing is it's like everything else that you put off because someday you're going to need to either replace the hardware or get into a cloud environment for your server, or you're going to be at a point where you're in an emergency situation. I can't tell you how many times that a client of mine had an ERP running on an older server version and they were forced into an upgrade of their ERP and along with that, they had to upgrade their server operating system, which had been running fine all the way up until then.
And let me tell you, a project where you're not only upgrading your server operating system, but upgrading the ERP at the same time is a lot bigger dog to tackle than just doing one at a time. So being on top of these things, even though it's going to cost you a little bit to do it upfront, but being on top of these things and doing them in chunks is a lot easier on you and your business than having to do everything at the same time.

Will Slappey
Yeah, that makes a lot of sense. And it introduces a lot more variables as well, because if suddenly you change multiple things and then it's not working, it gets a lot more difficult to try to figure out, like, okay, why is this not working? I'm glad you brought the expertise piece as well because companies like us are doing a ton of upgrades in that last five years. Seven to five years of where we're doing a ton of them. And the longer that you get past that, the less the expertise is. If you're doing one every day, it's like you can do it much more efficiently because you really get into good rhythm. And the longer it's been since you've touched something, the harder it is to do it efficiently. And the tools and support all of those different things are just not as good as when you're kind of doing it in the normal rhythm, if you will.
 What about a business who wants to use this as an opportunity to modernize their infrastructure in their office? How might they approach this.

Scott Curtis
There's a couple of different ways to approach it. One of the things to know is a lot of times when your operating system is out of date, the hardware it's sitting on is getting out of date as well. Sometimes we do what's called back revving an operating system so it'll work with whatever software that they're using, their ERP or whatever. But in most cases, if Server 2012 is sitting on a server, that server might be between seven and ten years old.
And really, as far as what I trust a life of a server to be is more in the five-to-six-year range. So, it's time to think about maybe this hardware needs to be replaced as well. When you think about it, you made the analogy of a car, man, if I want to drive cross country in a twelve-year-old car, I'm a little bit nervous. You know, I would rather have a two-year-old car driving cross country than, than a twelve year old. And the other thing is, it might not be a bad time to start looking at the cloud server options that are out there.

Because I remember when they first came out and they were kind of clunky, they didn't work the way anybody really wanted them to and it took a lot to get them implemented. These days, it's almost like just moving everything over to the cloud and flipping it on. And the nice thing about the cloud is you don't get into these situations where your operating system goes out of service. Because when you're in a cloud environment, then whoever's providing that to you, it's their job to keep you up to date. And they must do all these upgrades in the background.
All you have to do is just keep running your business. So, it's really two things. Either upgrade your hardware- it's a good time to upgrade your hardware- or look into those situations where a cloud server would actually fit.

Learn more about cloud options

Will Slappey
Yeah, so this might be the last upgrade that you have to do. I guess that could be the silver lining if you're able to go all cloud. The last thing I was going to add to the previous question just for listeners out there, because I think that there could be a notion that this is not an important server. Even when you're talking about all the hardware and aging and whatnot, there might be a business owner out there that says, you know what, this server we've got is not critically important. If it were to crash, it's not going to stop our business from operating and those kinds of things. And so from a productivity perspective, it's not critical.
But the one other note that we hadn't touched on as much is how the different servers are integrated together. From a network perspective, all the Windows servers talk to each other. They even talk to the cloud if you're using Office 365 and those kinds of things. And so, you're only as good as your weakest link. If you've got an older server that's a part of that web of servers, then if it gets compromised, that could lead to a compromise because they compromise a user account or something on that server. Then they can get into all the other servers. They can get into your 365 and the whole the whole nine yards. Some people might be thinking, yeah, go ahead, ransom that server. Go ahead.
If that server crashes from a physical, like, I don't really care enough about that, not realizing that that could be a backdoor into your entire system and network. Anything else you would add there?

Scott Curtis
Yeah, the analogy of the oldest one being the weakest link is really good because the door has to open somewhere. And if you've got a 2012 server and you've got three 2022 servers that are super secure and they're getting all the patches and suddenly that door opens in the 2012 server, then your whole network is exposed at that point because once it's in, it can do what it wants to do.

Will Slappey
Yeah. Well, that is all for today on the Technology simplified, Tech Talk Everyone Can Understand. Hopefully this information will help everyone still running Server 2012 get prepared well before October. Thank you for your time today, Scott. We appreciate having you on the show. If you have any questions about today's episode, feel free to reach out, subscribe to our podcast to stay informed on the ever-changing landscape of business technology

Questions? We Would Love to Hear From You! Send us a Message at


Watch the full episode: