Windows XP SP2 retirement looms, puts users in tough spot
Half of all corporate PCs running XP stuck on soon-to-be-obsolete SP2
Computerworld - Half of the enterprise computers running the aged Windows XP operating system are still relying on the soon-to-be-retired Service Pack 2 (SP2), a researcher said today.
According to security risk and compliance management provider Qualys, 50% of the several hundred thousand PCs it monitors for its clients are still running Windows XP SP2.
"The normal thing for IT is not to muck around with something that works," said Wolfgang Kandek, chief technology officer for Qualys, as he tried to explain why corporations have stuck with 2004's SP2 and not updated to SP3, which debuted two years ago.
Microsoft will officially retire Windows XP SP2 on July 13. After that date, although it will continue to provide security updates for XP SP3, it will stop issuing patches for the older SP2.
"I would expect that come August, SP2 will be getting hard and harder to defend," said Kandek, referring to the lack of security updates. "I expect to see reliable exploits of unpatched vulnerabilities three or four months later."
Companies have stepped up their efforts to migrate machines to XP SP3 in the last 11 months -- the rate of adoption of the newest service pack during that period was roughly double that of SP3's first 14 months of availability -- but even now, just weeks before SP2 will slide off support, half of the Windows XP systems still run the older edition, according to Qualys.
"I think this simply flew under the radar of most IT professionals," said Kandek, talking about the July retirement of XP SP2. "Personally, I didn't know about it until two months ago. I don't think many people were looking at the [retirement] messages Microsoft was putting out."
Microsoft started warning customers of XP SP2's looming retirement last February, and has been repeating that warning every month in its Microsoft Security Response Center (MSRC) blog on Patch Tuesday, the regularly-scheduled second-Tuesday-of-the-month security update release day. But not every user reads the MSRC blog.
Windows XP SP3 will exit all support in April 2014; to receive vulnerability fixes, users must update to that service pack by July.
By Qualys' numbers, Windows XP accounts for approximately 80% of all enterprise PCs, a considerably higher share than estimated by Web metrics companies such as NetApplications, which pegged XP's share in April at 63.4%. NetApplications, however, calculates usage share globally -- Qualys' is predominantly U.S. -- and factors in consumers as well as businesses.
Microsoft has made some minor concessions on Windows XP SP2 support. Last month, it said it would take calls from customers running outdated service packs, such as SP2. Previously, it turned those people away.
Instead, Microsoft's support staff will answer questions about old service packs, fill out support tickets and provide what the company's head of support called "limited troubleshooting."
The new support for obsolete service packs isn't free, however. Companies or customers without an in-place Microsoft support plan will be billed on a per-incident rate. A consumer contacting Microsoft support via chat or e-mail, for example, is charged $49, while telephone-based support costs $59.
Windows XP SP3 can be downloaded from the Microsoft site, or obtained from XP SP2 PCs via the Windows Update service.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.
Windows XP lives
- US-CERT urges XP users to dump IE
- Perspective: Microsoft risks security reputation ruin by retiring XP
- Update: Microsoft reacts to XP upgrade critics with free file transfer tool
- No special treatment for China on XP, patches end April 8 in the PRC, too
- Microsoft misjudges customer loyalty with kill-XP plea
- Users mock Microsoft for asking their help on XP-to-Windows 8.1 upgrades
- Backlash slaps Microsoft's 'help-a-friend-dump-XP' plea
- Perspective: Microsoft asks for volunteers to join its kill-XP army
- Users postpone ditch-XP decision as Windows 8 runs to stay in place
- Microsoft retains weapon to silently scrub XP
Read more about Windows in Computerworld's Windows Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Taking Windows Mobile on Any Device Taking Windows applications mobile has many advantages, but the process of identifying a solution is complex. Learn how to solve this complex problem...
- System and Data Protection, Recovery and Availability This white paper describes how ARCserve works and the benefits it can provide IT environments of all sizes.
- Simplifying Data Protection, Reducing Risk of Data Loss and System Downtime This white paper outlines what IT organizations should look for in a data protection solution, including simplicity and ease of deployment, comprehensive protection,...
- Complexity Ate My Budget When it comes to data protection, having multiple point solutions is not the answer. Find out how to gain a holistic view of...
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them.
On-Demand Webcast: 7 Reasons to Choose VoIP
Thinking about a new phone system for your business?
Be sure to watch this informative webcast. Steve Strauss, small business columnist for USA...
All Windows White Papers |