Windows XP infection rate may jump 66% after patches end in April
"You never heard Microsoft tell Windows Millennium users that they had to upgrade," said Michael Cherry, an analyst with Directions on Microsoft, referring to a September 2000 edition that quickly vanished after XP's appearance a year later.
But things are different this time around.
"This is the first time that Microsoft has had to put its foot down," Cherry continued. "Pre-XP, there were always sufficient changes to the underlying hardware and the operating system to prompt people to upgrade to newer PCs and a new Windows. With XP that didn't happen. It's the first time when we've had insufficient hardware changes. XP was the first Windows that was 'good enough.' So this isn't like before."
Cynics see other reasons behind Microsoft's bash-XP drumbeat, as the company has used, included on Tuesday, the opportunity to trumpet Windows 8's improved security and urged customers to upgrade to the newest OS. And it's not like Microsoft's hands are tied; it's not being forced into dropping Windows XP off the support list. The company's security engineers will continue to craft patches for XP for at least several years after next April. Only large enterprises and organizations that have paid millions for special support contracts will receive those patches, however.
But Microsoft will stand firm, said Cherry and others yesterday.
"Microsoft is saying, 'Look, get the message ... we're serious this time,'" Cherry said. "If they waver in any way from this message, people will stop migrating."
"We have to think about an operating system like any other product. It has a use-by date," said John Pescatore, director of emerging security trends at the SANS Institute. "After that, you're on your own. You can't continue to expect them to release patches forever. When a tire is bald, you can't just put more patches on it."
While Pescatore has long held the opinion that Microsoft would not back off its XP retirement plans -- saying last year that the company had drawn "a line in the sand" -- Cherry once thought there was a chance that Microsoft would change its mind as the deadline approached.
"I'm drifting away from that [opinion]," Cherry said Tuesday. "XP is dropping faster that I had expected."
True. Since August 1, according to metrics company Net Applications, Windows XP's user share has dropped nearly six percentage points. As of the end of September, it accounted for 35% of all editions of Windows in use worldwide.
Microsoft claims it's much lower than that in the enterprise. Last week, Amy Hood, the company's chief financial officer, said that 75% of corporate PCs were running Windows 7, implying that most of the rest were still on XP.
"When you start to get into 25% and below [for XP], support retirement is going to be a less significant event," contended Cherry, especially where Microsoft is concerned, in the enterprise, the bastion of Windows. "That's Microsoft's number. It's what they believe," Cherry added, meaning other estimates of XP's prevalence are immaterial to the company as it ponders, if it ever did, a support extension.
Not every expert concurred. Lawrence Pingree, an analyst with Gartner, believed Microsoft owed it to customers to continue supporting Windows XP. After all, the company's own missteps -- the delay between XP and Vista, the rough edges of the latter, and a two-year extension to support for XP -- were largely the cause of the OS's longevity and resulting entrenchment.
"Anyone can understand why any OS manufacturer wants to dedicate resources for new versions of their OS," said Pingree in an email. "However, security patch availability should be based on market share and penetration rates, otherwise the manufacturer does a disservice to its customers.
"Using an analogy: Does a car manufacturer bear responsibility to recall versions of cars that are being driven but not actively manufactured? My sense is yes. What is the responsible thing to do?" Pingree asked.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed . His email address is firstname.lastname@example.org.
Windows XP lives
- XPocalypse, not now
- Windows XP hack resurrects patches for retired OS
- Bug bounty program outs 7-month-old IE zero-day
- CA Technologies releases free XP migration tool
- Windows XP's U.S. farewell tour to last most of '14
- Microsoft sticks to vow, leaves XP exposed to ongoing attacks
- Microsoft's Patch Tuesday gives XP attackers a roadmap
- Microsoft: We're serious this time; XP's dead to us
- Windows XP die-hards can slash attack risk by dumping IE
- Hackers now crave patches, and Microsoft's giving them just what they want
Read more about Operating Systems in Computerworld's Operating Systems Topic Center.
- CIOs Deliver Productivity Breakthroughs with Intelligent Digital Signage Retailers have long recognized the influence that digital signage provides over a shopper's point-of-purchase decision making process.
- 9 Essentials for a Complete Cloud-to-Cloud Backup Solution In 9 Essentials for a Complete Cloud-to-Cloud Backup Solution, we'll walk you through potential sources of data loss in the cloud and provide...
- Workload Change: The 70 Percent of Your Business DevOps Forgot Adding WLA early in the development process ensures that the benefits of DevOps accrue for all applications, including your batch services. This paper...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Protecting Critical SaaS Data Before It's Too Late In this webinar, you'll hear how to avoid SaaS data loss through best practices from a panel of experts. All Operating Systems White Papers | Webcasts