Windows XP infection rate may jump 66% after patches end in April
Microsoft again puts the scare into XP laggards, this time using stats
Computerworld - Microsoft yesterday again put the scare into Windows XP users, telling them that after April 8, 2014, the chance that malware will infect their PCs could jump by two-thirds.
The claim, made by Tim Rains, director of Microsoft's Trustworthy Computing group, came on the heels of the release of the company's twice-annual Security Intelligence Report (download PDF).
Following up on comments he made in August, Rains again warned Windows XP stragglers to expect an increase in attacks when the aged operating system exits support in five months.
"After end of support, attackers will have an advantage over defenders who continue to run Windows XP," Rains asserted in a Tuesday post to a company blog. "After April next year, when we release monthly security updates for supported versions of Windows, attackers will try and reverse engineer them to identify any vulnerabilities that also exist in Windows XP. If they succeed, attackers will have the capability to develop exploit code to take advantage of them."
Rains then went a step further, and cited statistics from Microsoft's own telemetry-gathering efforts to give customers an idea of the increased threat after support ends.
"We have already had a glimpse into what happens when a Windows XP-based platform goes out of support," Rains added. "In the two years after Windows XP Service Pack 2 went out of support, its malware infection rate was 66% higher than Windows XP Service Pack 3 -- the last supported version of Windows XP."
Support for Windows XP Service Pack 2 (SP2) ended in July 2010, a little over two years after the release of XP SP3.
In a chart accompanying his comments, Rains showed the higher infection rate of Windows XP SP2 when compared to SP3. The two started out with similar infection rates, but began to diverge in the first quarter of 2011, with the largest gap in Q4 of that year. Since then, the difference between the two has narrowed: In the fourth quarter of 2012, the latest shown in the chart, the gap appeared to be approximately four computers per thousand -- 12 for SP3 versus 16 for SP2 -- representing a 33% increase in the latter's infection rate.
While there could be other reasons for the different infection rates, including lack of up-to-date security software, Rains' implied assumption was that it was because XP SP2 had not been patched -- because it could not be -- while XP SP3 had been.
Microsoft has been extremely blunt about the danger customers will face next year after Windows XP support vanishes, belittling the creaky OS's security prowess, even attacking it at times. That's unusual. Microsoft's usual tactic is to simply ignore an older operating system, as it does Windows Vista, the flop that now accounts for just 4% of all Windows PCs.
Windows XP lives
- XPocalypse, not now
- Windows XP hack resurrects patches for retired OS
- Bug bounty program outs 7-month-old IE zero-day
- CA Technologies releases free XP migration tool
- Windows XP's U.S. farewell tour to last most of '14
- Microsoft sticks to vow, leaves XP exposed to ongoing attacks
- Microsoft's Patch Tuesday gives XP attackers a roadmap
- Microsoft: We're serious this time; XP's dead to us
- Windows XP die-hards can slash attack risk by dumping IE
- Hackers now crave patches, and Microsoft's giving them just what they want
- Who does NSS Labs "Recommend" for NGFW? In 2012, NSS Labs found that most available NGFW solutions "fell short in performance and security effectiveness." In 2013 NSS Labs noted "marked...
- CIOs Deliver Productivity Breakthroughs with Intelligent Digital Signage Retailers have long recognized the influence that digital signage provides over a shopper's point-of-purchase decision making process.
- 9 Essentials for a Complete Cloud-to-Cloud Backup Solution In 9 Essentials for a Complete Cloud-to-Cloud Backup Solution, we'll walk you through potential sources of data loss in the cloud and provide...
- Workload Change: The 70 Percent of Your Business DevOps Forgot Adding WLA early in the development process ensures that the benefits of DevOps accrue for all applications, including your batch services. This paper...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Protecting Critical SaaS Data Before It's Too Late In this webinar, you'll hear how to avoid SaaS data loss through best practices from a panel of experts. All Operating Systems White Papers | Webcasts