Windows XP Refuses to be Dropped

Data from show Microsoft’s Windows XP is still the 3rd most popular operating system 2 years after support ended. What does that mean? and why should I care?

After a 13 year journey that saw Microsoft Windows XP rise to be the most prominent operating system globally, introducing many features to what we have become accustomed to along the way, Microsoft ended support for XP in April 2014. You may have seen news made about this, you may also not have cared, but the implications are serious and demand recognition.

Just what does it mean?  Why should I care? Well, the short answer is you should listen to your friend who “knows about ‘IT’”, using XP puts you in critical danger from cyber criminals looking to exploit the no longer patched security flaws in the beloved OS. If you require more information than just taking my word for it however, I invite you to read on.

What is Support?

Regrettably, there is a tireless effort by cyber criminals to find vulnerabilities in operating systems that could give them access to sensitive financial or personal data. Fortunately however, creators of operating systems such as Microsoft (Windows) and Apple (Mac-OS) seek out these potential breaches in security and release regular updates/patches to fix them (those seemingly annoying updates when you shutdown your PC). This is support.

Ending such support means that now any newly discovered vulnerabilities in the Windows operating system will go unfixed, think of this as your front door being knocked down with no one willing to repair it. Thieves are going to have a field day.

But they left it as safe as can be before discontinuation?

Be that as it may, there is still an inherent risk involved. As Tim Rains, Chief Security Advisor at Microsoft, says “The very first month that Microsoft releases security updates for supported versions of Windows, attackers will reverse engineer those updates, find the vulnerabilities and test Windows XP to see if it shares those vulnerabilities.

This isn’t mere scaremongering, there are already reports of this happening and as time progresses there is only one direction this can go; and that isn’t it getting better.

But for two years since support ended I’ve been fine?

It is common parlance to say: “If it isn’t broken, don’t fix it”, trust me, as a former physical scientist I cannot stress how much I subscribed to this notion – if results were going my way I wouldn’t be eager to upset the apple cart.

However, when considering the world of information technology the phrase needs a little re-wording: “If it isn’t broken yet, someone will break it”. XP machines are prime targets for hackers, and if you’re connected to the web it’s only a matter of time until you’re a potential target.

Whilst it may appear to be expensive to migrate to another system, and even perhaps low on the priority list. It is much more cost effective now to update the system than to have to fork out for disaster recovery when hackers have stolen all your sensitive data and/or transferred company funds to unknown beneficiaries. In particular we have already seen discussed that law firms are a major target for cybercrime, such companies running an XP operating system is a catastrophe waiting to happen.

I want to, but the software for my specialist hardware only works on XP?

This issue I completely understand and can relate to, I came across numerous pieces of equipment in my former role which cost in excess of £500,000 that were long term investments. Being long term investments after many years they are still in fine working order, with the only drawback being they are only compatible with Windows XP.

I am quite confident that any institution operating expensive pieces of kit have either i) a dedicated IT support team or ii) a hired IT consultancy firm that are on hand to perform necessary work. One way to get the best of both worlds is to adopt a virtualisation strategy, that is, the idea of running one (or more) ‘imaginary’ computers on a real computer. By doing this, a single desktop machine can run a plethora of different operating systems (such as XP), networks or machines. An added bonus is that this method of computing also reduces the cost of perpetual hardware purchases as well as operating costs (such as electricity).

This is a much more secure approach going forward and enables the apple cart to remain suitably happy.

This all sounds great, but I don’t like change

That is entirely your prerogative, you can lead a horse to water but you can’t make it drink. If you were to insist on maintaining an XP system however, be sure to have an up-to-date malware protection programme in place and cease any use of Internet Explorer 8 (the latest version available to XP users) if you haven’t done so already. Seriously, the list of vulnerabilities does not make for pleasant viewing.

In all, it is my hope that the dangers of using XP have been made clear and that perhaps I have offered solutions to any hindrance to updating.

Whatever the case, may your data remain safe and your company’s reputation be upheld.