On October 12th 2021, Microsoft formally ended support for Windows POS Ready 7 (details here); although Microsoft support for Windows 7 stopped in January 2020 the version installed on the EPoS terminals has an extended lifecycle.
We have identified some businesses that are using EPoS terminals that have the version of Windows 7 which is no longer supported. Those affected businesses will be contacted by email and telephone calls over the coming weeks from the 1st March 2022 onward.
If you would like to check your systems yourself please follow the steps below.
How to check your terminals:
Connect a USB keyboard to the terminal. If it is not recognised and you cannot use it then turn the terminal off and back on. As it boots up the drivers for the keyboard will, normally, be installed.
Press the Windows button on the keyboard, or tap the Windows start button on the screen, then type "winver". Once it finds the app press enter.
You can also use the Run app, press the Win+R buttons at the same time then type "winver".
This will open the About Windows app.
The app that has opened will tell you what version of the Microsoft Windows operating system is on the machine. If it says you are using a version of Windows 8, 8.1 or 10 then this article is not relevant to that machine.
If you see the same as the screenshot below then it is an affected machine.
If you are affected
Things to know about your EPoS terminals:
- Your EPoS terminal will still continue to run
- You may no longer be PCI compliant
- PCI DSS 6.2, requires that “all system components and software must be protected from known vulnerabilities by installing applicable vendor-supplied security patches within one month of release.” If an Operating System is no longer supported by the vendor, and security patches are not being released, PCI requirement 6.2 cannot be achieved unless the potential risk of doing so is mitigated.
- For further guidance please consult with the provider of your Acquiring Services or your Security Assessor (QSA).
- Microsoft is no longer be releasing patches or security updates to them, as such the operating system will be vulnerable to new malicious attacks and problems.
In the event of a security breach on any Windows 7 (or Sever 2008 R2) based PCs, your hotel will not only potentially suffer the effects of the breach but also be exposed to fraud and PCI non-compliance fines and penalties, which can be significant.
- Your access to Guestline EPoS and other Guestline applications currently remains unaffected.
- Only errors in our products that are reproducible in supported Operating Systems will be fixed.
We have strong security with Microsoft Azure Cloud. However, running our services on vulnerable PCs introduces unnecessary risk beyond our control or responsibility; therefore:
- Guestline Support will continue to offer limited assistance relating to the Operating System (Windows POSReady 7) until 01/03/2023.
- We will not carry out a new installation of our products on unsupported operating systems. After 01/03/2023 we will not carry out re-installations on the affected operating systems.
- We will not be offering the option to purchase Windows 7 Extended Security Updates (ESUs).
- We are not able to offer the option to upgrade the Operating System. If you wish to undertake this yourself, please be aware that on some EPoS terminals this will not be possible.
What to do next?
You are going to need to replace your EPoS terminals with new, up-to-date hardware. Guestline is able to supply and set up the new hardware for you. Click the link below to request a call back from a member of our team to discuss further.
If you have any further queries, then please do not hesitate to contact Guestline Support or your account manager.