On April 8th 2014 (less than 3 months away) Microsoft will stop pushing out security updates for Windows XP. That is likely to be a big problem. Viruses, Malware, Spyware, and anything else written to infect, snoop or steal data from users on Windows XP after 8th April will be free to take advantage of unpatched vulnerabilities in the operating system.
To make matters worse, a large number of Windows 7 vulnerabilities are present in Windows XP. When the first wave of Windows 7 security updates are released after 8th April, Microsoft will in effect be handing out a guidebook to hacking Windows XP.
What does it mean to your business?
As a result, we can expect to see an increase in attacks targeted at unpatched Windows XP machines. To highlight how seriously the security industry is taking this problem, Windows XP machines running on your business network will, from 8th April 2014 become non-compliant with HIPAA1 and violate the requirements of PCI DSS2
Quite apart from any regulatory issues your business may face (many businesses face none), the thought of a tranche of new threats, specifically targeted at known (but unpatched) Windows XP vulnerabilities, is enough to send most computer users and system administrators into a cold sweat.
Now, there are a selection of IT professionals out there who would dismiss this as “low risk” or simply bury their heads in the sand, some may even liken it to the millennium bug. Some will cite the unpopularity of Windows 8 or compatibility issues with 3rd party software as reasons not to move away from Windows XP. And they may be correct, only time will tell.
However, this has every potential to be a huge security problem and I for one will not be taking the risk with my own system or with any of my client’s systems. We recommend , as we have done for some time, that all Windows XP machines be replaced before 8th April 2014.
Recently we have seen such headlines as “Microsoft Extend Security Updates For XP” – a lie, and “Microsoft XP Security Updates Extended” – another lie.
These headlines are extremely misleading, the full articles explain the truth, but unfortunately many do not read the full articles.
Initially Microsoft had threatened to stop providing virus definition updates for a whole range of security products running on Windows XP machines. Microsoft Security Essentials, System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection and Windows Intune. This would have meant that not only would the Windows XP Security Updates have ended, but so too would the antivirus and security product updates.
Microsoft has since backtracked on this final point, and are extending anti-virus protection updates for its security products running on Windows XP. However it is not extending security updates for Windows XP itself.
“Despite extending the security support, Microsoft warned that antivirus software wasn’t enough to protect anyone using XP once it’s no longer supported.”3
In a vast number of cases, Windows XP is running on machines which are over 5 years old. Put simply, replace all of your Windows XP machines with Windows 7 or Windows 8.1 machines.
The improvements in Windows 7 compared to Windows XP together with the advances in hardware in the last 5 years will mean that the upgrade, despite being out of necessity, will most likely bring your business good ROI due to improved speed, efficiency and reliability. If you are unable to upgrade your hardware, you may be able to install Windows 7 or Windows 8.1 onto the existing hardware. You would first need to speak with your IT consultant to ensure that the hardware is compatible and powerful enough to do the job well.
If you cannot upgrade to Windows 8.1 due to compatibility issues (or may just not like the new look), it is still possible to purchase brand new machines running Windows 7.
If you are unsure if you have a problem in your business, or you are unsure how to go about orchestrating the upgrade from XP before the April deadline, drop us an email to email@example.com and see how we can help you.