Support for Windows XP operating system ends today, this means that there will be no more official security updates and bug fixes for the operating system from Microsoft. Security firms said anyone else using the 13-year-old software would be at increased risk of infection and compromise by cyber-thieves. The UK government negotiated extended support contracts for the OS and has signed a 5.5 million pounds deal for extended support, similarly the Dutch government has signed a “multi-million euro” deal to obtain help for the 40,000 PCs running and keep its users protected.
Statistics state that 20-25% of all users are using XP, despite the fact that there have been three major releases of Windows since its debut in 2001. Anyone running Windows XP already faced an incalculable risk of falling victim to malware:
“Our data indicates that less than one fifth of our customers run Windows XP but more than a quarter of infections are Windows XP-based,” said Dave Emm, a senior research analyst at security firm Kaspersky.
The exposure to malware is going to get worse after the 8th of April, once the last security patch for Windows XP had been released. The patch will fix a series of bugs, one of which is rated as critical and is already being actively exploited despite being discovered in late March.
“Effectively, every vulnerability discovered after 8 April will become a zero-day vulnerability – that is, one for which there is not and never will be, a patch,” said Mr. Emm.
Maik Morgenstern and Andreas Marx from the German AV-Test group said that “malware writers go for the low hanging fruits because it’s a lot easier to infect systems running on an old Windows XP operating system compared to brand-new Windows 8.1, with all its built-in security features. We think we will see a lot of attacks for Windows XP within the next few months, but attackers will also always add exploits for other Windows systems just to catch those systems as well.”
Orla Cox, a senior manager at cyber defense firm Symantec’s security response unit, said criminals groups were likely to hoard the XP vulnerabilities and will tend to use them against high-end targets and for corporate espionage. Any zero-day that did get used against a corporate target was likely to be re-used later on.
“Some organizations will have particular concerns because they find it so hard to move away from XP. Once it’s out there it gets into the malware kits and then gets circulated and there will be no defence,” she said.
Mark O’Neill, a spokesman for data management firm Axway, is rather optimistic. He said that organizations were getting better at coping with software that had hit its end-of-life.
“Beyond high-profile programs like XP there are a lot of products that have gone out of support because the company behind them has gone out of business or was acquired,” he said.
Many other products were written in old programming languages that made them expensive to maintain and update, as a result, some IT departments have put ageing programs as this in the virtual equivalent of a “black box” and updated the external code if security patches need to be applied.
“You can create a layer above the older application and that gives you a place to patch,” Mr O’Neill said.
“Companies are not defenseless even with the things they cannot patch.”
The major question on everyone’s mind is if Windows XP can still be activated after April 8? The answer is yes. Windows XP can still be installed and activated after end of support. Computers running Windows XP will still work. But they won’t receive any Microsoft Updates or be able to leverage technical support. Activations will still be required for retail installations of Windows XP after this date as well.
If you are staying with Windows XP, there are some potential risks to consider. Without the critical Windows XP security updates, your PC may become vulnerable to harmful viruses, spyware, and other malicious software which can steal or damage your business data and information. Anti-virus software will also not be able to fully protect you once Windows XP itself is unsupported. Businesses that are governed by regulatory obligations such as HIPAA may find that they are no longer able to satisfy compliance requirements. Many software vendors will no longer support their products running on Windows XP as they are unable to receive Windows XP updates. For example, the new Office takes advantage of the modern Windows and will not run on Windows XP. Most PC hardware manufacturers will stop supporting Windows XP on existing and new hardware. This will also mean that drivers required to run Windows XP on new hardware may not be available.
Home PC users could still stay protected, as they have some options that Windows recommends: The first option is to upgrade your current PC. Very few older computers will be able to run Windows 8.1, which is the latest version of Windows. It’s recommended that you download and run the Windows Upgrade Assistant to check if your PC meets the System requirements for Windows 8.1 and then follow the steps in the tutorial to upgrade if your PC is able to handle it. You can also purchase a new PC. If your current PC can’t run Windows 8.1, it might be time to consider shopping for a new one. Be sure to explore the new selection of PCs. They’re more powerful, light weight, and stylish than ever before, and come with an average price that’s considerably less expensive than the average PC was 10 years ago.