Microsoft continues to urge Windows XP users to upgrade to either Windows 7 or Windows 8 before support for the older operating system ends in 2014.
When support for Windows XP ends in April 2014, systems running the OS will effectively have a 'zero date' vulnerability forever, warned Tim Rains, a director of Microsoft's Trustworthy Computing group.
"When Microsoft releases a security update, security researchers and criminals will often times reverse engineer the security update in short order in an effort to identify the specific section of code that contains the vulnerability addressed by the update," Rains noted in a blog post entitledThe risk of running Windows XP after support ends April 2014'.
"But after April 8, 2014, organizations that continue to run Windows XP won't have this advantage over attackers any longer."
Rains claimed hackers will reverse engineer updates in the first security package released after XP is no longer supported as soon as it is issued and attempt to apply them to the older operating system.
"Since a security update will never become available for Windows XP to address these vulnerabilities, Windows XP will essentially have a 'zero day' vulnerability forever," he said.
"As for the security mitigations that Windows XP Service Pack 3 has, they were state of the art when they were developed many years ago. But ... the security mitigations built into Windows XP are no longer sufficient to blunt many of the modern day attacks we currently see," Rains added.
Microsoft began a countdown for the end of Windows XP support in July 2011. With one year to go before the end of support, on 8 April 2013, the company also warned 600 million PC users would be at serious risk if they did not upgrade to a more recent operating system.
However analyst house Ovum said in users should not feel pressured to upgrade to Windows 7 or 8.
"If we assume that Windows XP systems have the latest patches, fixes and up-to-date security software installed ... there is no reason to believe that life after [April 2014] will be any different than before," Richard Edwards, principal analyst at Ovum said.
Nevertheless, Rains concluded his blog post by warning "organisations need a level of certainty about the integrity of their systems. Minimising the number of systems running unsupported operating systems is helpful in achieving that".
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
Microsoft angers admins as April Patch Tuesday delivers password feature without migration guidanceNews Security fixes include a zero day exploited by a ransomware group and seven critical flaws
-
Managing a late migrationOpinion When it comes to moving from Windows 7 to Windows 10, it's better late than never
-
How to set up a Windows 7 emulator for Windows 10Tutorials A complete guide for setting up a Windows 7 emulator for Windows 10 so you don’t lose access to your apps
-
The autopsy of Windows 7
In-depth Report of a postmortem examination
-
The IT Pro Podcast: Farewell Windows 7IT Pro Podcast We reflect on the legacy of one of Microsoft's most enduringly popular operating systems
-
Windows 7 ends: what do you do next?
In-depth From SMBs to big business and individuals, after 10 years it's time to move on from Windows 7
-
Windows 7 end of life: What to do if you haven't upgraded yetIn-depth Microsoft has now officially moved Windows 7 to end of life, meaning it's no longer a viable business platform
-
Windows 10 vs Windows 8.1: Which was the best operating system?Vs We rate Windows 10 vs Windows 8.1 in a number of key categories for professional use
