XP Users Have a Bad Headache Coming On
As promised, Microsoft is ending regular support for Windows XP on Tuesday -- and as expected, that will leave many organizations and individuals using the old but still popular operating system in the lurch. The value of exploits increases "significantly" once cybercriminals are confident a vendor won't patch software, noted Patrick Thomas of NeoHapsis.
04/07/14 1:01 PM PT
Money will be the biggest problem users of Windows XP will face when Microsoft officially stops supporting it on Tuesday.
"While many customers have already completed their migrations to a modern OS, some large customers with complex Windows XP deployments may not have their migrations complete by April 8," said a Microsoft spokesperson in a statement provided to TechNewsWorld by Linsey Carver of Waggener Edstrom.
"To help those customers, we offer custom support for Windows XP as a temporary, last resort to help bridge the gap during a migration to a modern OS," the spokesperson said.
Gartner has estimated XP support will cost up to US$200 per PC per year.
The UK government reportedly has paid Microsoft about $9 million to extend Windows XP support for one year.
The average user will have to shell out for a new Windows 7 or Windows 8 computer and subscribe to Microsoft Office online, at the very least.
The Few and the Proud?
Win XP accounted for nearly 28 percent of the desktop OS market in March, according to NetMarketShare.
Many of those desktops are deployed in government offices and in national critical infrastructures, as well as in large corporations.
The financial services industry may have the most to lose, because many ATMs run on Windows XP, Darren Hayes, a professor at Pace University's Seidenberg School of Computer Science, told TechNewsWorld.
The healthcare industry is also vulnerable, both because many computers on various networks and the "vast majority" of medical devices run XP.
Utility companies and governments will be at risk, Hayes warned.
Heart of the Matter
"The issue isn't whether XP can be used," pointed out Jim Handy, director of Objective Analysis.
The problem is "there will be no further updates to solve vulnerability issues or to fix bugs, and there will be no more telephone support. An attack on Windows XP will not cause Microsoft to issue a patch," he told TechNewsWorld.
"We have no way of knowing what vulnerabilities will be identified after April 8," Christopher Pogue, director of Trustwave, told TechNewsWorld. "As such, we have no idea of what to expect in terms of volume or severity of these vulnerabilities."
Once Microsoft stops supporting Win XP, it's logical to assume that vendors of third-party applications will follow suit, Pogue suggested. "There are thousands upon thousands of applications that run on XP" [that] interact with the OS and that will create another area of security vulnerabilities.
Hackers will go to town on Win XP users, warned Patrick Thomas of NeoHapsis. After April 8, these systems "will have a giant neon bull's eye" on XP systems and the data on them because the value of exploits increases "significantly" once cybercriminals are confident a vendor won't patch software.
Individual users and small businesses should upgrade their PCs, suggested Thomas. Failing that, they should use their XP machines only for tasks that cannot be performed elsewhere. They should install and use the latest versions of the Firefox or Chrome browsers, which won't be affected by termination of XP support, update and run antivirus software, and back up their data.
Cloud services provider dinCloud offers what is essentially a Windows 7 or Windows 8 image in the cloud for enterprises.
"You move your daily work life to a virtual desktop that's backed up and heavily protected within dinCloud's infrastructure running the latest OS, licensed monthly in the cloud for a low fee," dinCloud CTO Mike Chase told TechNewsWorld. "The endpoint can remain legacy without issues as it's just a jump-off point."
Perhaps Microsoft should take a leaf from dinCloud's book.
"I think [Microsoft] can make a pot of money if they support XP on a subscription basis rather than doing it for free," Objective Analysis' Handy told TechNewsWorld. "I bet people would pay $100 a year to avoid upgrading."