Windows XP infection rate may jump 66% after patches end in April
Microsoft again puts the scare into XP laggards, this time using stats
Computerworld - Microsoft yesterday again put the scare into Windows XP users, telling them that after April 8, 2014, the chance that malware will infect their PCs could jump by two-thirds.
The claim, made by Tim Rains, director of Microsoft's Trustworthy Computing group, came on the heels of the release of the company's twice-annual Security Intelligence Report (download PDF).
Following up on comments he made in August, Rains again warned Windows XP stragglers to expect an increase in attacks when the aged operating system exits support in five months.
"After end of support, attackers will have an advantage over defenders who continue to run Windows XP," Rains asserted in a Tuesday post to a company blog. "After April next year, when we release monthly security updates for supported versions of Windows, attackers will try and reverse engineer them to identify any vulnerabilities that also exist in Windows XP. If they succeed, attackers will have the capability to develop exploit code to take advantage of them."
Rains then went a step further, and cited statistics from Microsoft's own telemetry-gathering efforts to give customers an idea of the increased threat after support ends.
"We have already had a glimpse into what happens when a Windows XP-based platform goes out of support," Rains added. "In the two years after Windows XP Service Pack 2 went out of support, its malware infection rate was 66% higher than Windows XP Service Pack 3 -- the last supported version of Windows XP."
Support for Windows XP Service Pack 2 (SP2) ended in July 2010, a little over two years after the release of XP SP3.
In a chart accompanying his comments, Rains showed the higher infection rate of Windows XP SP2 when compared to SP3. The two started out with similar infection rates, but began to diverge in the first quarter of 2011, with the largest gap in Q4 of that year. Since then, the difference between the two has narrowed: In the fourth quarter of 2012, the latest shown in the chart, the gap appeared to be approximately four computers per thousand -- 12 for SP3 versus 16 for SP2 -- representing a 33% increase in the latter's infection rate.
While there could be other reasons for the different infection rates, including lack of up-to-date security software, Rains' implied assumption was that it was because XP SP2 had not been patched -- because it could not be -- while XP SP3 had been.
Microsoft has been extremely blunt about the danger customers will face next year after Windows XP support vanishes, belittling the creaky OS's security prowess, even attacking it at times. That's unusual. Microsoft's usual tactic is to simply ignore an older operating system, as it does Windows Vista, the flop that now accounts for just 4% of all Windows PCs.
Windows XP lives
- Microsoft slashes Windows XP custom support prices just days before axing public patches
- Update: IRS misses XP deadline, will spend $30M to upgrade remaining PCs
- Microsoft Patch Tuesday bids adieu to Windows XP
- FAQ: Good-bye old pal, old paint, Windows XP
- Windows XP: The end is nigh
- How to Support Windows XP Now That Microsoft Isn't
- Microsoft sketches out final Windows XP security updates for next week
- Last-minute lazybones dump Windows XP
- Microsoft returns to scare tactic well in dump-XP campaign
- Microsoft tries to tempt XP diehards with $100 discount on new PCs
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts