XPocalypse, not now
Didn't hackers get the memo? They were supposed to be exploiting the unpatched Windows XP
Computerworld - Two months after Microsoft withdrew support for Windows XP, the catastrophic wave of exploits that security experts predicted would quickly wash over the aged operating system have failed to materialize.
Microsoft provided its last regularly-scheduled security updates for Windows XP on April 8, making only a single one-time exemption several weeks later when it patched a then-being-exploited vulnerability in Internet Explorer, including the browser on XP.
But widespread, extraordinary Windows XP-specific attacks have not unfolded. Or perhaps better put, if they have, they haven't reached a level where watchful security companies have noticed. And antivirus vendors are among the first to shout warnings, both for altruistic and self-serving reasons.
Instead, the malware landscape has been populated with the usual, an unfortunate run-of-the-mill blend of phishing attacks, exploit kits and ransomware.
That's not what some security professionals believed would happen.
"When someone discovers a very reliable, remotely executable XP vulnerability, and publishes it today, Microsoft will patch it in a few weeks," said Jason Fossen, a trainer for SANS and an expert on Microsoft security, in an August 2013 interview. "But if they sit on a vulnerability, the price for it could very well double. [So hackers] will be motivated to sit on them."
Fossen's thesis -- that cyber criminals would "bank" Windows XP vulnerabilities and put them to use only after April 8, 2014 -- was not his alone. Microsoft believed it, too.
Several times in the last 12 months, the Redmond, Wash. company warned Windows XP customers to get the lead out, ditch the creaky, leaky OS or face a certain surge in attacks. The most notable was in October 2013, when Tim Rains, director of Microsoft's Trustworthy Computing group, cited statistics from the firm's own telemetry to suggest that post-retirement Windows XP malware infection rates could jump dramatically.
So far, nothing.
To be fair, no one posted a timetable when XP would suffer additional slings and arrows, although Rains did predict late last year that in 2014 the operating system "will not be able to keep pace with attackers, and more Windows XP-based systems will get compromised." Safe bet.
In fact, a close look at the example Rains touted -- of Windows XP Service Pack 2 (SP2) -- showed that infection rates only truly spiked more than a year after it was retired and replaced by Windows XP SP3.
"If I could predict when the giant wave of XP bugs were going to hit, I could also surely predict this year's World Series winner," said Andrew Storms, director of DevOps at CloudPassage, a San Francisco security firm, when asked about the lack of public attacks.
But with each passing day that Windows XP PCs remain unassailed, complacency is sure to set in as users start to believe that Fossen, other security experts and, most of all, Microsoft were crying wolf.
That would feed right into the conspiracy theories some have grasped, that Microsoft only yanked support for XP to boost flagging sales of Windows 8.1 PCs, that it had the capability to provide patches (true, actually) but declined to do so in the expectation that it would reap a windfall from enterprises extorted of millions in extended support contracts (not true, as it significantly reduced prices of those contracts just before XP dropped from support).
One can get a glimpse of both the complacent and the conspiracist simply by looking at the coverage last month of a hack that duped Windows Update into serving Windows XP systems with patches, but patches from a cousin-once-or-twice-removed, Windows Embedded POSReady 2009. That version, admittedly based on Windows XP SP3, was designed for point-of-sale systems, particularly cash registers, and automated teller machines.
Windows XP lives
- XPocalypse, not now
- Windows XP hack resurrects patches for retired OS
- Bug bounty program outs 7-month-old IE zero-day
- CA Technologies releases free XP migration tool
- Windows XP's U.S. farewell tour to last most of '14
- Microsoft sticks to vow, leaves XP exposed to ongoing attacks
- Microsoft's Patch Tuesday gives XP attackers a roadmap
- Microsoft: We're serious this time; XP's dead to us
- Windows XP die-hards can slash attack risk by dumping IE
- Hackers now crave patches, and Microsoft's giving them just what they want
- Deep Security +VMware vSphere with Operations Management Most midsize organizations are highly virtualized on VMware, and while this has produced significant savings, it also has created new challenges when it...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- DDoS Infographic: How Are Attacks Evolving? For the third consecutive year, Neustar surveyed businesses across major industries to track the evolution of DDoS attacks. Are they more frequent? Larger?...
- How to Use Crowd-Sourced Threat Intelligence to Stop Malware in its Tracks Threat sharing networks have been around for a long time, however they have typically been "invitation-only", available to only large companies, or those...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Malware and Vulnerabilities White Papers | Webcasts