• WANTED: Happy members who like to discuss audio and other topics related to our interest. Desire to learn and share knowledge of science required. There are many reviews of audio hardware and expert members to help answer your questions. Click here to have your audio equipment measured for free!

Keeping a Windows 10 media server after 2025

sergeauckland

Major Contributor
Forum Donor
Joined
Mar 16, 2016
Messages
3,732
Likes
10,102
Location
Suffolk UK
I'm running LMS on the same Windows 10 laptop that I use for everyday computing functions, like posting on here, my banking etc. When Windows 10 goes out of support next year I will buy a Windows 11 computer as I really don't want to risk using an unsupported computer for financial and other functions. However, I'm thinking I could remove everything other than LMS from my current laptop but leave that on the network purely as a file server including accessing Spotify.

My question is:- what's the risk of leaving an unsupported PC on my home network even if it's only a file server and for Spotify. I have a similar issue with an older Windows 7 laptop used only for REW and an even older XP PC used for audio recordings as the sound card used only has XP drivers. I normally keep those off the network, but there are times when I might want to transfer files or look something up, so they go online occasionally.

S.
 
It depends on what vulnerabilities turn up in Win10 after support is discontinued. I gather you can pay for a year of extended support, or longer but increasingly more expensive if you're an enterprise.
I'd suggest linux as an alternative for hosting LMS on old hardware, but I know it's not for everyone.
 
I'm running LMS on the same Windows 10 laptop that I use for everyday computing functions, like posting on here, my banking etc. When Windows 10 goes out of support next year I will buy a Windows 11 computer as I really don't want to risk using an unsupported computer for financial and other functions. However, I'm thinking I could remove everything other than LMS from my current laptop but leave that on the network purely as a file server including accessing Spotify.

My question is:- what's the risk of leaving an unsupported PC on my home network even if it's only a file server and for Spotify. I have a similar issue with an older Windows 7 laptop used only for REW and an even older XP PC used for audio recordings as the sound card used only has XP drivers. I normally keep those off the network, but there are times when I might want to transfer files or look something up, so they go online occasionally.

S.
These days you'd be well advised not use deprecated software on a home network, especially something like windows where there will be a high incentives to exploit vulnerabilities that emerge after EOL (and they will) due to the reach that such an exploit would achieve. Not saying you'd be at specific risk, but island hopping attacks within home networks are no longer a theoretical issue.
 
By LMS, I presume we're talking about Logitech/Lyrion Music Server? If that's so you can stream stuff while away from home, then it's a definite no-no as it's presumably listening on an open port.
what's the risk of leaving an unsupported PC on my home network even if it's only a file server and for Spotify

The most obvious risks are:
  1. Someone in the household accidentally unleashes a nasty that searches home network for vulnerable Win10 machines and turns it into a botnet participant/bitcoin miner/spam server
  2. The outward listening port for LMS (assuming you let it through the router) gets hammered on day and night until someone manages to buffer-overflow it and compromises the machine. Then they encrypt your disk and try to ransom it back to you (or just add it to a botnet)
They're quite unlikely risks but fairly severe in magnitude. It very much depends on your setup, your people (and how prone they are to inviting disaster) and your admin skills.

Perhaps a more fruitful angle might be persuading Win11 to install even though your laptop may not pass the upgrade-readiness check? The installer can be lied to.
 
By LMS, I presume we're talking about Logitech/Lyrion Music Server? If that's so you can stream stuff while away from home, then it's a definite no-no as it's presumably listening on an open port.


The most obvious risks are:
  1. Someone in the household accidentally unleashes a nasty that searches home network for vulnerable Win10 machines and turns it into a botnet participant/bitcoin miner/spam server
  2. The outward listening port for LMS (assuming you let it through the router) gets hammered on day and night until someone manages to buffer-overflow it and compromises the machine. Then they encrypt your disk and try to ransom it back to you (or just add it to a botnet)
They're quite unlikely risks but fairly severe in magnitude. It very much depends on your setup, your people (and how prone they are to inviting disaster) and your admin skills.

Perhaps a more fruitful angle might be persuading Win11 to install even though your laptop may not pass the upgrade-readiness check? The installer can be lied to.
In this vein I this the Rufus application enables an install that ignores minimum win 11 requirements.
 
Exposing the LMS ports directly to the internet is a security issue whatever OS you run it on. Don't do it. If you want to stream from it when away from home then use a VPN like WireGuard to make a secure connection to your home network.
 
I've done what you are in keeping around several PCs that "are still useful" hating the idea of discarding them. I eventually made things simpler by getting down to 2 machines (well 3 I guess). And staying close to up to date. I don't know how recent your Win 10 machine is. Is it better than getting a 2nd mid-grade Win11 machine for server purposes? Sometimes even free as in it still works and you already own it can become too high a price.

I also decided way before simplifying, that any machine whose OS is not up to date on security should get Linux or get dumped. I mean every 8 or 10 years you really need to get out with the old and in with the new. So in regard to your actual question I'd put Linux on that Win10 machine if Linux will do what you want. I'm no expert on how risky it is to keep an unsupported Win10 machine around. Why even risk it? The possible down side could be far more expensive than abandoning a still useful bit of hardware.
 
I am curious if anyone can point me to something explaining how best to keep Windows 10 machines connected to a LAN without being connected to the Internet. I plan to keep a few and use my Windows 11 machine for internet access. My data is on two NASs and various SSDs. Don't want to ditch Windows as I use MathAudio RoomEQ via Foobar2000 and it is a key part of my audio chain now. Any guides found online and/or advice most welcome (And apologies if slightly off topic.)
 
Why even mess with Windows anymore? Linux is literally the most popular OS on planet Earth (and Mars) because of its presence in servers, because it's very good for servers.
 
I am curious if anyone can point me to something explaining how best to keep Windows 10 machines connected to a LAN without being connected to the Internet. I plan to keep a few and use my Windows 11 machine for internet access. My data is on two NASs and various SSDs. Don't want to ditch Windows as I use MathAudio RoomEQ via Foobar2000 and it is a key part of my audio chain now. Any guides found online and/or advice most welcome (And apologies if slightly off topic.)
If you are absolutely set on Windows 10, then maybe you could run it inside a virtual machine inside Linux (or Win 11) host OS? I don't know to what extent that would mitigate risks, but it might be easier to keep any issues contained within the VM then.
 
Thanks. Yes, I had come accross that as an option. Curious what's involved if not doing this though.
 
I'm running LMS on the same Windows 10 laptop that I use for everyday computing functions, like posting on here, my banking etc. When Windows 10 goes out of support next year I will buy a Windows 11 computer as I really don't want to risk using an unsupported computer for financial and other functions. However, I'm thinking I could remove everything other than LMS from my current laptop but leave that on the network purely as a file server including accessing Spotify.

My question is:- what's the risk of leaving an unsupported PC on my home network even if it's only a file server and for Spotify. I have a similar issue with an older Windows 7 laptop used only for REW and an even older XP PC used for audio recordings as the sound card used only has XP drivers. I normally keep those off the network, but there are times when I might want to transfer files or look something up, so they go online occasionally.

A single purpose server can be secured with strict access rules and such - plenty of those running very critical functions with obsolete OS's out there in the world. My only question is the practicality of getting into such trouble for a home media server. There are several products out there to keep protecting servers with obsolete OS's, but they (a) cost extra $, and (b) are yet another thing you'll spend time on, because it's not as easy as simply telling your OS to keep auto-installing security patches.

It'd be easy to install something like Linux Ubuntu (which supports LMS beautifully) on it and automatically stay super safe with regular security patches for many years to come. The other option is to simply force install Windows 11, I have done so on several "incompatible" computers with 7th gen CPU processors and Windows 11 runs fast and flawlessly. I used the simple (which Microsoft published themselves, btw) procedure outlined here: https://www.audiosciencereview.com/...ds/the-death-of-windows-10.43238/post-2145173
 
Last edited:
Thanks. Yes, I had come accross that as an option. Curious what's involved if not doing this though.
You could set up a firewall to block any traffic from outside the local network on a Windows 10 machine. I suppose something might 'get into' the local network through an up to date machine and propagate to the Win 10 machine locally, I don't know if this is a risk in practise? Move everything you can off the Windows 10 machine and leave in standby when not needed...?

Nothing is fool proof, it is just about mitigation.
 
Thanks folks. Yes, I would only be using the Win 10 machines as end-points/renderers, so hopefully this would work. Plenty of time to read up on it.
Ta.
 
If you're dead set on keeping 10 alive and connected to the internet, 0patch from Acros might be an option:
The software patches Windows bugs "on the fly". The basic plan with only critical security patches is free. I haven't used it, but have seen reputable PC magazines recommend it.
 
You could set up a firewall to block any traffic from outside the local network on a Windows 10 machine. I suppose something might 'get into' the local network through an up to date machine and propagate to the Win 10 machine locally, I don't know if this is a risk in practise? Move everything you can off the Windows 10 machine and leave in standby when not needed...?

Nothing is fool proof, it is just about mitigation.

Firewalls rules are also best kept updated, using the old, unsupported (post 2025) Windows 10 firewall functionality is a security risk. And the LMS use case makes a strict Windows Defender Firewall configuration a real PITA... if you enable the default WDF, the LMS server will no longer communicate with the "squeeze boxen" ...
 
Last edited:
It depends on what vulnerabilities turn up in Win10 after support is discontinued. I gather you can pay for a year of extended support, or longer but increasingly more expensive if you're an enterprise.
I'd suggest linux as an alternative for hosting LMS on old hardware, but I know it's not for everyone.
There are also other providers of anti-(whatever, long string of names, malware) that attack your system than Microsoft, should you do what I am going to do, keep windows 10 as I learn a linux on one of my other machines.
 
Thanks for all the replies. I think it's clear keeping the Windows 10 machine as a server is a bad idea, so when get a Windows 11 machine next year, I'll do what I'm doing now and put LMS on the new PC and avoid messing about with work-arounds or having to learn Linux.

S
 
Back
Top Bottom