Exception Process for Windows Server 2008 End of Life (EOL)

Overview

On Jan. 14th, 2020, Microsoft discontinued support for Windows Server 2008. After this date, security patches are no longer released for Windows Server 2008 systems and they will be easy targets for hackers looking to exploit these systems. 

Campus policy requires that devices connected to the network run software for which security patches are made available and installed in a timely fashion. Therefore, Windows Server 2008 is no longer in compliance with campus policy.

To obtain an exception:

Use this form to submit an exception request: Information Security Policy Exception Request Form. Exceptions are allowed only if there is a valid reason the system cannot be upgraded.

Receiving a security exception will also require purchasing an extended support contract from Microsoft. Under this contract, Microsoft will continue to provide security updates and other hotfixes for an additional year. More information is located at: https://sites.google.com/berkeley.edu/windows-server-2008-eol/home.

For systems hosting UC P4 (formerly UCB PL2) data, systems administrators must include mitigating controls in the exception request form in addition to the above. 

Please submit your security exception request as soon as possible. 

Important Dates:

  • Jan. 15, 2020 - ISO will send last reminder tickets for all systems running Windows Server 2008 connected to the campus network (and without an exception on file) requesting the devices be upgraded or removed from the network.
  • Feb. 1, 2020 - ISO will begin blocking all unsupported Windows Server 2008 devices seen on the campus network