In reply to a post by ian72:

And they can get 3 years extended support for Win 7 - government price for extended support this year is pretty low cost.

That is news to me. Maybe government departments who have opted for all the sucky Office365 E5 licensing and Azure add-on stuff have a discount, that's because they've already been proverbially bent over.

And with or without the extended support, the security of the older operating systems is still poor compared to the newer versions, so just because it is getting patched doesn't mean it is an acceptable state to be in.

It is quite possible for an organisation to be free of outdated and unsupported operating systems and the like if they are organised and have the right investment. There's very little excuse with the Win7 -> 10 argument because the majority of stuff that works on 7 works fine on 10. XP to 7 was a different matter so just because it might have been acceptable then doesn't mean it is now.

Basically what they are saying is that once again another government department is stuck in the stone age and doesn't have a competent IT department which can get some more appropriate software installed (like Microsoft Teams - not great but more secure than Zoom).

In the absense of competent IT that can manouvre quickly pressures have forced them to start using Zoom because it is easier for the staff to install and get up and running first, IT can wash their hands of the matter then for a couple of months until zoom has actually fixed the security issues. At that point IT can get involved and rubber stamp it and make it approved etc etc.

As for the NCSC - not the first time they have come out with some questionable advice.

Good news is that Zoom have taken the criticism seriously and making changes fast. If you use Zoom, then keep updating it, on any platform.

1) They have removed the meeting ID from the screen, you now have to click to see it. This means when people take screen shots and post to social media they aren't sharing the ID.

2) Many changes around the waiting room, it has been automatically enabled. The option to find it is now more obvious, and you can change it on/off during a meeting.

3) Paid accounts can now choose which data centre they are served by. The free accounts are limited to the data centre they signed up near.

Quite impressive for a company with explosive growth, more so that any Microsoft or Google or Cisco competitor.