CIO - Millions of PCs running Windows XP face a tsunami of hacker attacks starting tomorrow, when Microsoft ceases support for the aging, still-popular, operating system
After tomorrow, there will be no more security updates, so it's likely that black hats will release a torrent of stockpiled malware to exploit vulnerabilities that Microsoft will no longer patch. "Some hackers are bound to be hanging on to exploits and waiting for support to end, says Chris Sherman, a security analyst at Forrester Research. "If you knew of a vulnerability, why wouldn't you?"
Hackers will also be able to examine Microsoft's future Windows Vista and Windows 7 security updates to gain insights into the underlying vulnerabilities they patch and apply that knowledge to exploit similar vulnerabilities that will exist in Windows XP.
[ Feature: Looking Back At the Windows XP Era ]
The end of Windows XP is a potential problem for companies because of the sheer number of XP machines out there. Forrester estimates that 20 percent of business endpoints run XP, with as many as 23 percent in the public and healthcare sectors; retailers are also at risk. Research by Fiberlink, an IBM-owned mobile device management company, likewise found that up to 20 percent of the endpoints it surveyed run XP - and that excludes a few large financial companies that are very heavy XP users.
If Windows XP Support Is Ending, Why Are Companies Still Using It?
A good question to ask is why these systems haven't been migrated to a more modern operating system. After all, Microsoft announced the date for the end of support for Windows XP back in April 2012.
"Some organizations have underestimated migration times, some thought that the issue was not important, and it's possible that some IT departments didn't get the funding to carry out a migration," says Michael Silver, a research vice president at Gartner. He adds that some organizations didn't take the end of support date seriously or are content to upgrade to a newer version of Windows as they go through their hardware refresh cycles.
In addition, plenty of organizations use legacy applications that can be run only on XP because they are incompatible with later versions of Windows. Others are unwilling to upgrade because drivers are unavailable for expensive pieces of equipment that they use, such as medical devices.
Automation Can Expedite Windows XP Migration
Migration is certainly time-consuming, but the actual time required depends on the amount of resources that a company has available. "You could migrate 20,000 machines over a weekend - if you have 20,000 technicians," Silver points out. The key to quick migration without using huge amounts of human resources is automation.
Windows XP lives
- XPocalypse, not now
- Windows XP hack resurrects patches for retired OS
- Bug bounty program outs 7-month-old IE zero-day
- CA Technologies releases free XP migration tool
- Windows XP's U.S. farewell tour to last most of '14
- Microsoft sticks to vow, leaves XP exposed to ongoing attacks
- Microsoft's Patch Tuesday gives XP attackers a roadmap
- Microsoft: We're serious this time; XP's dead to us
- Windows XP die-hards can slash attack risk by dumping IE
- Hackers now crave patches, and Microsoft's giving them just what they want
- Workload Change: The 70 Percent of Your Business DevOps Forgot Adding WLA early in the development process ensures that the benefits of DevOps accrue for all applications, including your batch services. This paper...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- QA Automation: Reducing Test Execution While Improving Coverage A leading capital investment firm in the US was in need of a comprehensive, cost effective and flexible solution to reduce their existing...
- Turning Insight Into Action: Social Media Intelligence The amount of data produced on social media is staggering - and so is the potential business value for enterprises that know what...
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- Protecting Critical SaaS Data Before It's Too Late In this webinar, you'll hear how to avoid SaaS data loss through best practices from a panel of experts. All Operating Systems White Papers | Webcasts