Categories: PCSecurityWorkspace

Microsoft Warns On Windows XP Security

Come April 2014, organisations that are still running Windows XP will face not only a support cutoff, but a security nightmare, cautions Microsoft. And the company’s warnings are growing louder.

“There is a sense of urgency because after 8 April, Windows XP Service Pack 3 (SP3) customers will no longer receive new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates,” explained Tim Rains, director of Microsoft Trustworthy Computing, in a 16 August Microsoft Security Blog post.

Risk

In essence, enterprises with Windows XP machines in their PC fleets will be left to fend for themselves, and given XP’s continued popularity, a good number of PC users may be at risk.

According to the latest desktop operating system market statistics (July 2013) from Net Applications, Windows XP commands 37.19 percent of the market, second only to Windows 7 with 44.49 percent. Next year, unless XP’s share of the market drops considerably, hackers and malware coders will be setting their sights on a big new target.

“One risk is that attackers will have the advantage over defenders who choose to run Windows XP because attackers will likely have more information about vulnerabilities in Windows XP than defenders,” Rains said. XP stands to lose a major defender in April, namely the Microsoft Security Response Centre (MSRC).

To combat vulnerabilities across several versions of the company’s software, MSRC typically releases security updates that encompass multiple products simultaneously. This tactic lessens the chances that malware creators will exploit underlying similarities between Microsoft’s operating systems and applications. Next year, Windows XP will be left out of the loop.

“Since a security update will never become available for Windows XP to address these vulnerabilities, Windows XP will essentially have a ‘zero-day’ vulnerability forever,” stated Rains.

Outmoded security

Don’t count on the security precautions built into Windows XP SP3, which were state-of-the-art when it was released in 2008, to last long against today’s exploits, warned Rains. He stated that “attackers have refined their tools and techniques over the past decade to make them more effective at exploiting vulnerabilities. As a result, the security features that are built into Windows XP are no longer sufficient to defend against modern threats.”

Rains joins a chorus of Microsoft executives that are sounding the alarm on the Windows XP sunset.

On 8 April, a year before Microsoft is scheduled to pull support, Windows senior director Erwin Visser detailed the potential financial disadvantage of putting off an upgrade. “While end of support for Windows XP is still one year away, the migration process can take some time and may be costlier the longer you stay on Windows XP, ultimately putting your business at risk,” he blogged.

Echoing the data security considerations of sticking with XP after April 2014, Visser added that it “is critical that businesses ensure they protect their data and IP against the latest threats by deploying a modern Windows platform”.

Are you a security pro? Try our quiz!

Originally published on eWeek.

Pedro Hernandez

Pedro Hernandez covers Microsoft products and services, such as Office, Windows, Windows Phone, Azure and Skype.

Recent Posts

Is the Digital Transformation of Businesses Complete?

Digital transformation is an ongoing journey, requiring continuous adaptation, strong leadership, and skilled talent to…

20 hours ago

Craig Wright Faces Contempt Claim Over Bitcoin Lawsuit

Australian computer scientist faces contempt-of-court claim after suing Jack Dorsey's Block and Bitcoin Core developers…

21 hours ago

OpenAI Adds ChatGPT Search Features

OpenAI's ChatGPT gets search features, putting it in direct competition with Microsoft and Google, amidst…

21 hours ago

Google Maps Steers Into Local Information With AI Chat

New Google Maps allows users to ask for detailed information on local spots, adds AI-summarised…

22 hours ago

Huawei Sees Sales Surge, But Profits Fall

US-sanctioned Huawei sees sales surge in first three quarters of 2024 on domestic smartphone popularity,…

22 hours ago

Apple Posts China Sales Decline, Ramping Pressure On AI Strategy

Apple posts slight decline in China sales for fourth quarter, as Tim Cook negotiates to…

23 hours ago