There are just few days left until Microsoft officially stops supporting its operating system Windows XP. This successful and popular operating systems has long become a burden for the company. Since 2001, when Windows XP was released, Microsoft has developed and marketed as many as three new versions of Windows – Vista, Windows 7 and Windows 8. Windows XP has long run its course as a system. However, Microsoft has had to trail it along since too many people in the world use this operating system.
They finally decided to say “enough”. April 8th is the official termination date for Windows XP’s technical support. Who will be affected?
Many individual users will suffer. According to various estimates, about 11 to 29.5 percent of computers globally still run Windows XP (the share of Windows XP in China, according to some estimates, is as big as 49%). Even if the lowest limit is true those are tens of millions of machines. Just two years ago XP was the most popular operating system; Windows 7 dethroned it midway through 2012.
The affinity to XP is easily explicable. Although the operating system is old it is still quite functional and usable, while upgrading both hardware and software is costly. Therefore, users are more likely to hold on to the good old OS as long as it is possible, no matter what.
Well, after April 8 all newly discovered vulnerabilities of the operating system will become personal hardships for Windows XP users.
Unfortunately, that is not quite true. Situations of “personal problems” rapidly turn into common disasters. Firstly, modern botnets are largely composed of old computers running Windows XP with an expired antivirus and a second service pack installed at best. After XP’s technical support ends, even those machines with all the necessary updates installed will be primary targets of cybercriminals. We may well expect to see a lot of new exploits and other malicious software. That is, new threats are going to arise and the resistant XP users will have nothing to fight them with.
Windows XP enjoys considerable popularity among corporations because of the number of features in its Professional version. In addition, during the years when Windows XP became truly ubiquitous, a lot of specialized applications were written for it.
The migration of the entire corporate infrastructure to newer versions of Windows is a very hard task; its implementation requires a huge amount of planning, great expenses and considerable efforts. Many corporations and government agencies in many countries have held out doing so.
Financial institutions will have a hard time for a very specific reason. The vast majority of ATMs in the world (up to 95% by some estimates) run Windows XP today. This means that right here, right now banking organizations have to upgrade their devices as soon as possible. Moreover, unpleasant incidents already occur when attackers infect ATMs with malware via SMS and strip them of significant sums of cash.
By all evidence, the only reason why banks around the world have not changed the operating system of their ATMs so far is thriftiness – too much cost and effort is required to change the software in hundreds of thousands or even millions of devices.
Alas, after Microsoft stops supporting XP, those devices will be officially vulnerable. There is no doubt that hackers will quickly find new vulnerabilities and try using them to make the most of it.
Some banks have found a way to solve the problem: they have made special agreements with Microsoft to keep the Windows XP support and pay good money to do so.
The OS that would not go
Microsoft Windows XP really looks like an “indispensable” system, which is very hard to remove from the market. The representatives from Microsoft duly state that this system is old, primarily in terms of protecting information and it lacks many security mechanisms implemented in later versions of Windows. Therefore, the continued use of the system is unsafe even though all the necessary updates are installed.
However, both individual and corporate users have a lot of reasons to stick to the old operating system, and, alas, we should not ignore them. Microsoft has every right to refuse further support of Windows XP, actually abandoning those users who have not managed to move to any of the later operating systems and leaving them at the mercy of criminals who just cannot wait for April 8th.
We, at Kaspersky Lab, are well aware that after this date there will be plenty of users of the good old XP. Therefore, we decided to continue our support of this system; all our new products, both user and corporate ones, for the next two years will install and run under Windows XP. Protecting XP users from IT threats is now purely a matter for antivirus software developers.