NEW YORK – Microsoft will end support for the persistently popular Windows XP today, and the move could put everything from the operations of heavy industry to the identities of everyday people in danger.
An estimated 30 percent of computers being used by businesses and consumers around the world are still running the 12-year-old operating system.
“What once was considered low-hanging fruit by hackers now has a big neon bull’s-eye on it,” said Patrick Thomas, a security consultant at the San Jose, Calif.-based firm Neohapsis.
Microsoft has released a handful of Windows operating systems since 2001, but XP’s popularity and the durability of the computers it was installed on kept it around longer than expected. Analysts say that if a PC is more than five years old, chances are it’s running XP.
While users can still run XP after today, Microsoft says it will no longer provide security updates, issue fixes to non-security related problems or offer online technical content updates. The company is discontinuing XP to focus on maintaining its newer operating systems, the core programs that run personal computers.
The Redmond, Wash.-based company says it will provide anti-malware-related updates through July 14, 2015 but warns that the tweaks could be of limited help on an outdated operating system.
Most industry experts say they recognize that the time for Microsoft to end support for such a dated system has come, but the move poses both security and operational risks for the remaining users. In addition to home computers, XP is used to run everything from water treatment facilities and power plants to small businesses like doctor’s offices.
Thomas notes that companies generally resist change because they don’t like risk. As a result, businesses most likely to still be using XP include banks and financial services companies, along with health care providers. He also pointed to schools from the university level down, saying that they often don’t have enough money to fund equipment upgrades.
Marcin Kleczynski, CEO of Malwarebytes, said that without patches to fix bugs in the software XP PCs will be prone to freezing up and crashing, while the absence of updated security related protections make the computers susceptible to hackers.
He added that future security patches released for Microsoft’s newer systems will serve as a way for hackers to reverse engineer ways to breach now-unprotected Windows XP computers.
“It’s going to be interesting to say the least,” he says. “There are plenty of black hats out there that are looking for the first vulnerability and will be looking at Windows 7 and 8 to find those vulnerabilities. And if you’re able to find a vulnerability in XP, it’s pretty much a silver key.”
Mark McCreary, a Philadelphia-based attorney with the firm Fox Rothschild LLP, says small businesses could be among the most affected by the end of support, because they don’t have the same kinds of firewalls and in-house IT departments that larger companies possess. And if they don’t upgrade and something bad happens, they could face lawsuits from customers.
But he says he doesn’t expect the wide-spread malware attacks and disasters that others are predicting – at least for a while.
“It’s not that you blow it off and wait another seven years, but it’s not like everything is going to explode on April 8 either,” he says.
Meanwhile, without updates from Microsoft, regular people who currently use XP at home need to be extra careful.
Mike Eldridge, 39, of Spring Lake, Mich., said that since his computer is currently on its last legs, he’s going to cross his fingers and hope for the best until it finally dies.
“I am worried about security threats, but I’d rather have my identity stolen than put up with Windows 8,” he said.
There are 12 comments on this story »