FAQ Response
PA-DSS validated applications are intended to facilitate PCI DSS compliance when implemented and maintained in a compliant manner. Organizations are responsible for ensuring their own PCI DSS compliance, and an organization using unsupported operating systems in their cardholder data environment should be planning to upgrade to a supported operating system in a timely manner. Consistent with this, an organization may also need to upgrade their applications to ensure they are compatible with the supported operating system. For additional guidance on the use of unsupported operating systems, please refer to FAQ # 1130: Are operating systems that are no longer supported by the vendor non-compliant with the PCI DSS?
December 2013
Article Number 1262