• Insights

Windows XP End of Life Poses Serious Security Threat

Nina Lukina

2 min read

All Insights

“End-of-life” is fast approaching for Windows XP. What does this mean? Microsoft warns, “It means you should take action. After April 8, 2014, there will be no new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates.” In short, businesses running XP will become highly vulnerable to cyber-attacks. Not only will Microsoft not issue fixes for XP devices, it will also inadvertently help hackers to infiltrate them when it releases patches for the later operating systems.

Microsoft used to release patches (fixes for detected security holes) as they were discovered in a particular operating system. However, the company was forced to change its policy because hackers were using these patches to find the same vulnerabilities in other versions. Microsoft released a patch for one version, and hackers checked for the same exploit in a different operating system or on machines that had not applied the update. Now Microsoft has a monthly patch cycle covering the product line. Today, if there is a security hole found, it releases patches for Windows 8, 7, Vista, and XP concurrently. On April 8, XP will no longer be included, and hackers will know where to look. Cybercriminals will have the advantage over users of XP, which is likely to have the same security vulnerabilities as those discovered in later versions, especially since it shares many similarities with Windows 7.

Tim Rains, Director of Product Management in Microsoft’s Trustworthy Computing group, portrayed the situation as dire in a blog post:

“The very first month that Microsoft releases security updates for supported versions of Windows, attackers will reverse engineer those updates, find the vulnerabilities and test Windows XP to see if it shares those vulnerabilities.”

Regardless of the upcoming cessation of support, Windows XP is inherently less secure than other systems. Though well-designed when it was released, it is twelve years old now, and simply does not have the updated safeguards of the more recent operating systems. Even before its end-of-life, Rains writes, “the infection rate for Windows XP is significantly higher than those for modern day operating systems like Windows 7 and Windows 8.”

Firms  still running Windows XP should seriously consider how and when they will move off of it. Kraft Kennedy has helped 80+ firms migrate from Windows XP to Windows 7/8.  We have helped firms develop a migration plan. We have helped firms execute the plan including building the new desktop, testing, deploying and training.