Should we sunset Windows 7 support?

Jason A. Donenfeld Jason at
Tue Nov 10 13:27:20 CET 2020


Windows 7 has been EOL'd by Microsoft since January of this year. It
is no longer receiving security updates or fixes. This email is to get
the conversation started about doing the same with WireGuard for

Supporting Windows 7 is an ongoing maintenance burden. For example, we
use SHA2 signatures instead of SHA1 signatures for our drivers, which
is not something we want to compromise on, and as a result Windows 7
users must have KB2921916 installed. But Microsoft never supplied
KB2921916 via Windows Update and it removed all Windows 7 hotfixes
from its webpage last year. So in order to keep supporting this, we're
forced to add clunky disgusting code like this:
Keen readers will wince at all the layering violations there. Do we
really want to keep maintaining gross stuff like this? It makes me
uncomfortable to have kludges like that sitting around in the code.
Shouldn't I write an auto-downloader that then checks hashes?
Shouldn't I build this into the installer? Shouldn't I.... waste tons
of time supporting Windows 7 better?

Probably not.

But I know so many users are still using Windows 7. I'd like to hear
from you to understand why, in order to assess when is the right
moment to sunset our Windows 7 support.

So, if you care for Windows 7, please pipe up! We're not going to
remove support for it overnight, and we're not prepared yet to
announce any sort of formal deprecation plan, but the world is moving
on at some point.


More information about the WireGuard mailing list