AV vendors buck Microsoft, will deliver Windows XP anti-malware signatures for years
Microsoft may want XP dead and buried, but AV rivals plan to support the OS for a long time
Computerworld - Windows XP owners can expect most antivirus vendors to continue providing them with up-to-date signatures long after Microsoft pulls its patch plug in April, but that won't keep their machines safe, an expert said today.
Microsoft will deliver its final public patches for Windows XP on April 8, less than three months from now, finally retiring the 13-year-old operating system, the most successful ever for the Redmond, Wash. developer.
That will leave users still running XP -- and there are hundreds of millions worldwide -- without a way to fix vulnerabilities that hackers can exploit with impunity.
"Antivirus cannot patch the underlying vulnerability," said Andreas Marx, CEO of AV-Test, a German company that regularly evaluates antivirus (AV) products for Windows. "There's nothing that AV can do to close those vulnerabilities, it can only limit malware spreading from one machine to another."
Although he urged XP users to upgrade to a newer and still-supported operating system -- whether Windows 7, 8 or 8.1 from Microsoft, OS X from Apple or Linux from the numerous distributors of the open-source OS -- Marx acknowledged that's not possible for everyone, much less in the limited time left before Microsoft calls it quits.
But by taking steps, XP owners can make their PCs, if not secure, at least safer to use.
"Internet Explorer [IE] and Outlook Express [an obsolete email client distributed with XP] will also no longer receive security fixes, so it will be very dangerous to continue using that browser and email client," said Marx.
Instead, people should switch to alternate browsers and email programs that will be patched after April, such as Google's Chrome, Mozilla's Firefox and Opera Software's Opera browsers. Google has promised to continue supporting Chrome on XP until at least April 2015, for example.
And while an AV program can't keep all threats at bay, Marx urged users to invest in one if they plan on running the older OS through 2014 and beyond.
"AV products will lose these battles [with malware makers] on XP sooner or later," said Marx. "XP will be like Swiss cheese. But you can still do things to protect the system."
Marx contacted more than 20 AV companies to find out whether they will continue to support XP with updated anti-malware signatures, and if so, for how long. Today Marx published that list on his AV-Test website, along with a call for other vendors to submit information so he can keep the count up to date.
Microsoft, for one, announced last year that it would stop serving signatures to XP users of Security Essentials, the free AV program that launched in 2008, and discontinue downloads of the software, after April 8. Today, however, Microsoft backtracked, extending Security Essentials' lifespan until July 14, 2015. It will provide free signature updates until that date as well.
But most third-party AV makers will keep churning out signatures for even longer, Marx found.
Kaspersky, BitDefender and Avira, for example, which placed 1-2-3 in AV-Test's September-October 2013 examination of AV products for Windows XP, have pledged to support consumers until 2018, January 2016 and April 2015, respectively. On the business side, Kaspersky, Symantec and Trend Micro products topped the list; Kaspersky will support its end-point AV software on XP until the second half of 2016, Trend Micro until Jan. 30, 2017. Symantec has not set an end date.
Windows XP lives
- Perspective: Microsoft risks security reputation ruin by retiring XP
- Update: Microsoft reacts to XP upgrade critics with free file transfer tool
- No special treatment for China on XP, patches end April 8 in the PRC, too
- Microsoft misjudges customer loyalty with kill-XP plea
- Users mock Microsoft for asking their help on XP-to-Windows 8.1 upgrades
- Backlash slaps Microsoft's 'help-a-friend-dump-XP' plea
- Perspective: Microsoft asks for volunteers to join its kill-XP army
- Users postpone ditch-XP decision as Windows 8 runs to stay in place
- Microsoft retains weapon to silently scrub XP
- Microsoft will furnish malware assassin to XP users until mid-2015
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The Threat Landscape Hardly a day goes by without the discovery of a new cyberthreat somewhere in the world! But how do you keep up with...
- Security for Virtualization In the rush to implement virtualization, security has become second. So while the business benefits are clear, the risks are less well documented...
- Pay-as-you-Grow Data Protection: IBM Tivoli's Full-featured Data Protection Suite for Small to Medium Businesses IBM Tivoli Storage Manager Suite for Unified Recovery gives small and medium businesses the opportunity to start out with only the individual solutions...
- Streamline Data Protection with IBM Tivoli Storage Manager Operations Center IBM Tivoli Storage Manager (TSM) has been an industry-standard data protection solution for two decades. But, where most competitors focus exclusively on Backup...
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- The New Way to Work Knowledge Vault This Knowledge Vault focuses on how, in today's increasingly virtual world, it's more important than ever to engage deeply with employees, suppliers, partners,... All Malware and Vulnerabilities White Papers | Webcasts