Here is something directly from the PCI Security Guide section 6.2: Ensure that all system components and software are protected from known vulnerabilities by installing applicable vendor-supplied security patches. Install critical security patches within one month of release.
What does the “end-of-support” mean?
PCI Data Security Standard states that all systems used by parties processing credit cards be patched and supported by their respective vendors. Clients not using a supported operating system are not PCI compliant and must update to a supported operating system immediately. To sum this up, you will not be in the scope of PCI compliance and could face fines.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.
Am I running a different end-of-support Microsoft operating system?
Below are several common POS operating systems released by Microsoft, and their respective end-of-support dates. Please review the list below and confirm the system you are running. If you are running an end-of-support version or need help to find out, please contact our team as soon as possible.
Operating System: Windows XP
Support Status: Support ended on April 8, 2014
Operating System: Windows Server 2003
Support Status: Support ended on July 14, 2015
Operating System: Windows Embedded for Point of Service (WEPOS)
Support Status: Mainstream support ended on April 12, 2011. Extended support ended on April 12, 2016
Operating System: Windows Embedded 8 Industry
Support Status: Support ended on January 12, 2016; must install Windows Embedded 8.1 Industry i to continue receiving updates and support
Operating System: Windows Vista
Support Status: Support ended on April 11, 2017
Operating System: Windows Embedded POSReady 2009
Support Status: Mainstream support ended on April 8, 2014. Extended support ends on April 9, 2019