This applies to all self-managed computers (servers, workstations and laptops) on which the product "Sophos Anti-Virus" from the IT store is installed.

"Sophos Anti-Virus" will become End of Life by the end of June 2023 and will be no longer supported by the vendor or ETH Zurich. After this date, there will be no updates and your machine will not be sufficiently protected any longer.

ETH Zurich recommends using the built-in antivirus solution of the respective operating system.

Detailed instructions for uninstalling Sophos Antivirus and activating the antivirus solutions of your operating system can be found in the following link in the IT Knowledgebase: Anti-Virus: Replacement of Sophos for Self-Managed Devices.

Users of managed Windows Computers by ISG can ignore this information because we will manage the transition from Sophos to MS Defender automatically.

The time has come to upgrade your Windows 7 computer to Windows 10
since extended support for Windows 7 ends on January 14, 2020 (Windows lifecycle).

Why can I no longer use Windows 7 on the ETH network after the end of 2019?

Only operating systems with security support by the vendor are allowed to connect to the ETH network.

• ETH Rechtssammlung, Standards für Verantwortlichkeiten und Systempflege
• IT Best Practice Rules

Unsupported operating systems that no longer receive security updates render the computer vulnerable to threats like viruses, malware or hacker attacks and also pose a threat to other computers on the network.

What should I do now?

• If you are using an OEM computer with preinstalled Windows 7 for your daily work, please update it to Windows 10 by the end of this year, at the latest. The easiest way is to use the "Microsoft Media Creation Tool" available here.
  This process is called "inplace upgrade". All applications and configuration settings should be kept.
• If your computer is installed with the Windows 7 Enterprise license from ETH IDES, order Windows 10 Enterprise from the IT-Shop and use it for the upgrade.
• If your computer is located in a lab and needs to be highly available to collect measurement data, there is the possibility to use a Windows 10 LTSC version instead of the Enterprise version. Please contact your IT administrator within your group. He should be able to help you or can get in touch with us if he needs additional help. More details about the LTSC version are described on our readme page.
• If you think that you cannot upgrade your computer, please refer to our readme for possible solutions or contact us.

Note that at some point the network security group of Informatikdienste will start scanning for remaining Windows 7 computers at which point we will be forced to disconnect them from the network.

In the last few weeks we discovered some attempted attacks on the Windows Remote Desktop feature from sources outside of ETH.

In order to protect both your machines and our network, we decided to block RDP access from ETH-external networks. If you still need access from outside the ETH network (e.g. from home) you have to first open a VPN connection to ETH and then start the Remote Desktop client.

More information about installing the VPN client is available here.

Microsoft will provide a final bunch of patches for Windows Server 2003 on July 14th. 2015. After then, no more security and stability fixes are going to be released. This means that still running Windows Server 2003 machines conflict with the ETH Bot (Acceptable Use Policy for Telematics) which requires that every computer connected to the ETH network must be fully updated and secured.

The central IT security group of ETHZ continuously inspects the network streams for signatures of XP and Windows Server 2003 computers. If you have a running Windows Server 2003 machine connected to the public network, please migrate the operating system to a newer version i.e Windows Server 2012.

If you have any questions or need help please do not hesitate to contact the ISG D-PHYS Helpdesk

On July 13th 2010, Windows 2000 Server/Professional and Windows XP Service Pack 2 will no longer be supported with security updates by Microsoft.

Machines running these operating systems should be upgraded to newer versions like Windows 7 or Server 2008 if they are directly connected to the D-PHYS network.

The IT Use Policy of ETH does not allow systems without an active patch cycle to be connected to the ETH network.

Please make sure that all computers running any of the affected operating systems have been migrated by July 13th 2010. The same also applies to even older systems like Win 9x or NT 4.0 of course.

More information about Microsoft Support Lifecycle can be found here.

Last night Microsoft has released the Security Bulletin Summary for November, 2009.
If Automatic Update is not activated yet, then you must visit Microsoft Update to install the Security Updates.

Last night Microsoft has released the Security Bulletin Summary for October, 2009.
If Automatic Update is not activated yet, then you must visit Microsoft Update to install the Security Updates.

Last night Microsoft has released the Security Bulletin Summary for September, 2009.
If Automatic Update is not activated yet, then you must visit Microsoft Update to install the Security Updates.

Last night Microsoft has released the Security Bulletin Summary for August, 2009.
If Automatic Update is not activated yet, then you must visit Microsoft Update to install the Security Updates.

Last night Microsoft has released the Security Bulletin Summary for June, 2009.
If Automatic Update is not activated yet, then you must visit Microsoft Update to install the Security Updates.