Microsoft has issued a reminder that security patches, software updates and technical support for Windows XP and Office 2003 ends next week on 8 April.
XP was launched in October 2001. According to the vendor, it has been supported for more than12 years – longer than any other Windows operating system (OS).
Microsoft Australia commercial product marketing manager Emmanuele Silanesu told Computerworld Australia in January that a full migration off XP can take up to six months, depending on the organisation’s size.
“Businesses will need to take into account the size of their employee base, the number of existing apps currently in use as well as the data that will need to be migrated. All these aspects can be roadblocks to the migration path and add time to the process,” he said at the time.
- Australian users migrating from Windows XP faster than US, UK: report
- Windows XP April 2014 deadline fast approaching
- Windows XP: The final countdown
To help with the migration, Silanesu suggested that companies develop a migration strategy budget as well as conduct hardware and software inventory.
He added that there are good security reasons for moving away from XP. According to Microsoft’s Security Intelligence Report (Vol.15), XP Service Pack 3 has an 82.4 per cent malware infection rate.
“While Internet access brings a wealth of benefits, it’s also a hotbed for cyber criminals, so it’s really critical that businesses or consumers who still own XP devices recognise that it’s not just about upgrading to something new,” he said.
According to Trend Micro’s smart protection network data released this week, 6.57 per cent of PCs in Australia and New Zealand are still running the OS.
“We usually think of Internet security as something 'other people’ take care of,” Trend Micro A/NZ managing director Sanjay Mehta said in a statement.
“But we are all part of the Internet and we all have a responsibility not just to ourselves but to each other to keep it as safe as possible.” He said that the vendor has released a flyer aimed at consumers which explains the end of security support for XP in easy to understand terms.
Threat Intelligence CEO and founder Ty Miller warned that it is a “certainty” that new vulnerabilities in XP will be discovered after support ends because this happens to all operating systems that become obsolete.
“It is a safe assumption that hackers and malware developers will hold off launching their attacks until after 8 April. I would be surprised if a tsunami of malware was released on this date. This could force Microsoft into a position of having to release patches that would reduce the exploitative value and ROI,” he said in a statement.
“I would expect it to be a more gradual release process over the next year where there are reports of new malware targeting XP with more vulnerabilities.”
According to Miller, there is an opportunity for hackers to make “significant financial gains” from a zero-day vulnerability that will never be patched.
“This vulnerability has the potential to build large scale botnets. Access to these compromised machines can be leased out for their processing power or network bandwidth for denial of service attacks.”
Follow Hamish Barwick on Twitter: @HamishBarwick
Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.