Unfortunately, Windows Server 2003 situation is perhaps more severe. This old server operating system hit end-of-life (EOL) status last month, but the latest marketshare statistics from Netcraft reveals about 175 million websites, or roughly 20 percent of those surveyed, are still running Windows Server 2003!
The total number of servers running Windows Server 2003 is estimated to be around 609,000, which accounts for 10 percent of web-facing servers. Many of these vulnerable servers are located in China and the US, and Netcraft notes clients include hundreds of banking websites.
A portion of those websites aren't being run atop IIS 6.0 (Server 2003's default web server software), but that may be of little help—any new security vulnerabilities in the underlying operating system will probably go unfixed. Some companies may have extended support contracts with Microsoft, but those likely account for a small portion of the installed base.
Via: The Tech Report