More than 97% of the infections seen by Kaspersky Lab and 66% of those seen by BitSight used the older software.
WannaCry started spreading in mid-May and, so far, has infected more than 200,000 computers around the world.
In the UK, some hospitals had to turn away patients as the worm shut down computer systems.
Many suggested that the reason UK hospitals suffered was because many of them still relied on programmes that required Windows XP – a version of Microsoft’s OS that debuted in 2001.
But infections of XP by WannaCry were “insignificant” said Costin Raiu from Kaspersky Lab.
Windows 7 was first released in 2009 and the most widely infected version was the x64 edition, which is widely used in large organisations, showed figures from Kasperksy.
Many organisations seem to have been caught out because they failed to apply a patch, issued by Microsoft in March. that blocked the vulnerability which WannaCry exploited.
Spanish telecoms firm Telefonica, French carmaker Renault, German rail firm Deutsche Bahn, logistics firm Fedex, Russia’s interior ministry and 61 NHS organisations were all caught out by WannaCry.
After encrypting files, the WannaCry worm demanded a payment of £230 ($300) in bitcoins before they were unfrozen. So far, a reported 296 payments totalling $99,448 (£76,555) have been made to the bitcoin wallets tied to the ransomware.
