Story image

Windows XP end-of-life: Danger or hype?

20 Mar 14

You are probably aware that official support for Microsoft Windows XP ends on April 8, 2014.

After this date, Microsoft will stop sending out security patches for the aging operating system. Support for Office 2003 and Exchange 2003 ends on the same day.

There are plenty of scare stories around about what will happen in the aftermath of this support withdrawal. Undoubtedly, some people won’t manage to migrate their systems in time.

Are the dangers significant or are the risks over-hyped?

Genuine Dangers...

Let me get straight to the point: we at GFI Software think the danger is real.

Hackers have a really easy way of finding ways to exploit Windows XP once support patches stop being released. Each time a patch arrives for Windows 7 or 8, they can take the time to reverse-engineer it and see if the vulnerability also applies to Windows XP. If it does, they hit the jackpot.

Microsoft won’t release an XP patch, so the vulnerability sits there ripe for exploitation on all the systems that continue to run XP after the deadline.

The problem gets worse when you consider Outlook and Exchange as well. Many companies use Outlook together with third-party plugins, often as a way to interface with a CRM system. These systems will also become very vulnerable if they’re not quickly moved onto supported platforms.

Compliance...

Compliance is also a serious matter. The new Australian Privacy Act requires that organisations take reasonable steps to protect personally identifiable information from misuse, interference, loss, unauthorised access, modification and disclosure.

The Payment Card Industry Standards (PCI) compliance guidelines state that institutions must use a “manufacturer supported operating system”.

Companies who fail to upgrade could find themselves in serious legal hot water if a breach occurs and they are still be using an operating system that is no longer supported. Companies providing indemnity and liability insurance may refuse to pay out if their clients are in breach of legislation.

The danger surrounding XP’s end of life is NOT just hype. Falling foul of compliance legislation can result in financial ruin and reputational damage for companies of all sizes.

Now is the time to give some serious thought to anywhere that XP, Office 2003 and Exchange 2003 may continue to lurk.

Here are some places to start:

· Home users who may still have a long forgotten XP laptop.

· Control machines running things like access control and CCTV systems.

· Old servers that remain on the network to provide access to historical information.

It only takes one unpatched machine to provide hackers with a way in to a network. Now’s the time for a final look around, and a final wave goodbye to Windows XP. If you haven’t started, well…

An easy way to track down those machines or systems still running XP is to use Free Asset Tracking, a no-charge component of the GFI Cloud suite of cloud-based IT management services. GFI Cloud also provides patch management, antivirus and monitoring from the same console.

That could take the hard work out of your inventory process at least.

By Jackie Wake, Product Manager, GFI Software

EU cloud adoption rising, but still far from mainstream
Cloud adoption is surging among some European Union (EU) nations but it still has a way to go to becoming commonplace across the board
Industry cloud market forecast for ‘unusual’ growth
The market for industry cloud solutions is in good stead with that growth showing little signs of slowing.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Dell dominates enterprise storage market, HPE declines
The enterprise storage system market continues to be a goldmine for most vendors with demand relentlessly rising year-on-year.
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.
Is Supermicro innocent? 3rd party test finds no malicious hardware
One of the larger scandals within IT circles took place this year with Bloomberg firing shots at Supermicro - now Supermicro is firing back.