Microsoft: We're serious this time; XP's dead to us
That rush fix last week? Just forget it ever happened
Computerworld - Microsoft today reminded customers still running Windows XP that they would not receive security updates from the Patch Tuesday slate shipped to newer operating systems, or for that matter, future fixes of any kind.
"With today's Update Tuesday, if you are still on Windows XP you will not receive any security or non-security updates through Windows Update or Microsoft Update," said Microsoft spokesman Brandon LeBlanc on a company blog. "Because support has ended for Windows XP, we are no longer releasing updates to the general public for Windows XP going forward."
LeBlanc's missive was little more than a reminder that Microsoft has absolutely, positively, no-ifs-ands-or-buts retired Windows XP. The firm has been pounding the XP-is-dead drum for years at varying beats.
Microsoft served XP with its last Patch Tuesday collection on April 8, making today's set the first sans security updates for the 13-year-old operating system.
LeBlanc also reiterated Microsoft's rationale for deviating from policy earlier this month when it issued a patch for a vulnerability in Internet Explorer (IE); that update was delivered to Windows XP PCs, even though the warhorse was technically already put to pasture.
"We made the decision to extend the update to all Windows XP customers based on the proximity to the established end of support date of April 8 for Windows XP," LeBlanc said. "This was an exception, however; the Windows XP end of support policy still remains in place moving forward."
For Microsoft, "proximity" meant 23 days, the stretch between April 8, when XP retired, and May 1, when the firm pushed the emergency IE update to Windows XP-powered PCs. Thirty-five days, the span from April 8 to today, was, by Microsoft's definition, too long.
Finally, LeBlanc made yet another pitch to customers on XP to upgrade to a more modern version of Windows, specifically Windows 8.1. "We continue to encourage customers still on Windows XP to upgrade to a modern, more secure operating system like Windows 8.1," said LeBlanc.
The continued call to migrate to Windows 8.1, rather than something more familiar to XP owners, like Windows 7, was another example of Microsoft's flogging a dead horse. In February, LeBlanc urged technically-astute customers to help friends and family upgrade existing PCs to Windows 8.1 or assist them in buying a new computer running 8.1.
The very users LeBlanc addressed nearly unanimously hooted down his suggestions, saying they'd not do their part because of what they perceived as Windows 8's and 8.1's failings.
Although LeBlanc seemed firm on the no-more-patches-for-XP stance, experts have questioned the company's commitment. "If next month someone finds another zero-day like this one, Microsoft could just move the line again," said John Pescatore, director of emerging security trends at the SANS Institute, after Microsoft rushed the IE patch to XP users.
The root of Microsoft's problem with Windows XP is that the OS runs on hundreds of millions of PCs worldwide. According to metrics firm Net Applications, 26% of all personal computers relied on XP in April.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is email@example.com.
Windows XP lives
- XPocalypse, not now
- Windows XP hack resurrects patches for retired OS
- Bug bounty program outs 7-month-old IE zero-day
- CA Technologies releases free XP migration tool
- Windows XP's U.S. farewell tour to last most of '14
- Microsoft sticks to vow, leaves XP exposed to ongoing attacks
- Microsoft's Patch Tuesday gives XP attackers a roadmap
- Microsoft: We're serious this time; XP's dead to us
- Windows XP die-hards can slash attack risk by dumping IE
- Hackers now crave patches, and Microsoft's giving them just what they want
Read more about Malware and Vulnerabilities in Computerworld's Malware and Vulnerabilities Topic Center.
- Deep Security +VMware vSphere with Operations Management Most midsize organizations are highly virtualized on VMware, and while this has produced significant savings, it also has created new challenges when it...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- DDoS Infographic: How Are Attacks Evolving? For the third consecutive year, Neustar surveyed businesses across major industries to track the evolution of DDoS attacks. Are they more frequent? Larger?...
- How to Use Crowd-Sourced Threat Intelligence to Stop Malware in its Tracks Threat sharing networks have been around for a long time, however they have typically been "invitation-only", available to only large companies, or those...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Malware and Vulnerabilities White Papers | Webcasts