End of Windows XP support spells trouble for some

Apr 07, 2014 by Bree Fowler
In this Oct. 25, 2001 file photo, Microsoft chairman Bill Gates stands in New York's Times Square to promote the new Windows XP operating system. On Tuesday, April 8, 2014, Microsoft will end support for its still popular Windows XP. With an estimated 30 percent of businesses and consumers still using the 12-year-old operating system, the move could put everything from the data of major financial institutions to the identities of everyday people in danger if they don't find a way to upgrade soon. (AP Photo/Richard Drew, File)

Microsoft will end support for the persistently popular Windows XP on Tuesday, and with an estimated 30 percent of businesses and consumers still using the 12-year-old operating system, the move could put everything from the operations of heavy industry to the identities of everyday people in danger.

"What once was considered low-hanging fruit by hackers now has a big neon bull's eye on it," says Patrick Thomas, a security consultant at the San Jose, California-based firm Neohapsis.

Microsoft has released a handful of Windows operating systems since 2001, but XP's popularity and the durability of the computers it was installed on kept it around longer than expected. Analysts say that if a PC is more than five years old, chances are it's running XP.

While users can still run XP after Tuesday, Microsoft says it will no longer provide new security updates, issued fixes to non-security related problems or offer online technical content updates. The Redmond, Wash.-based company says it will provide anti-malware-related updates through July 14, 2015, but warns that the tweaks could be of limited help on an outdated operating system.

Most industry observers say they recognize that the time for Microsoft to end support for such a dated system has come, but the move poses both security and operational risks for the remaining users. In addition to home computers, XP is used to run everything from water treatment facilities and power plants to small businesses like doctor's offices.

Thomas says XP appealed to a wide variety of people and businesses that saw it as a reliable workhorse and many chose to stick with it instead of upgrading to Windows Vista, Windows 7 or 8.

Thomas notes that companies that don't like risk, generally don't like change. As a result, companies most likely to still be using XP include banks and financial services companies, along with health care providers. He also pointed to schools from the university level down, saying that they often don't have enough money to fund equipment upgrades.

Marcin Kleczynski, CEO of Malwarebytes, says that without patches to fix bugs in the software XP PCs will be prone to freezing up and crashing, while the absence of updated security related protections make the computers susceptible to hackers.

He added that future security patches released for Microsoft's newer systems will serve as a way for nefarious people to reverse engineer ways to breach now-unprotected Windows XP computers.

In this Oct. 25, 2001 file photo, then Microsoft chairman Bill Gates speaks during the product launch of the new Windows XP operating system in New York. Gates touted the software as the harbinger of a new era in more Internet-centric computing. On Tuesday, April 8, 2014, Microsoft will end support for its still popular Windows XP. With an estimated 30 percent of businesses and consumers still using the 12-year-old operating system, the move could put everything from the data of major financial institutions to the identities of everyday people in danger if they don't find a way to upgrade soon. (AP Photo/Richard Drew, File)

"It's going to be interesting to say the least," he says. "There are plenty of black hats out there that are looking for the first vulnerability and will be looking at Windows 7 and 8 to find those vulnerabilities. And if you're able to find a vulnerability in XP, it's pretty much a silver key."

Those weaknesses can affect businesses both large and small.

Mark Bernardo, general manager of automation software at General Electric Co.'s Intelligent Platforms division, says moving to a new operating system can be extremely complicated and expensive for industrial companies. Bernardo, whose GE division offers advisory services for upgrading from XP, says many of the unit's customers fall into the fields of water and waste water, along with oil and gas.

"Even if their sole network is completely sealed off from attack, there are still operational issues to deal with," he says.

Meanwhile, many small businesses are put off by the hefty cost of upgrading or just aren't focused on their IT needs.

Barry Maher, a salesperson trainer and motivational speaker based in Corona, California, says his IT consultant warned him about the end of XP support last year. But he was so busy with other things that he didn't start actively looking for a new computer until a few weeks ago.

"This probably hasn't been as high a priority as it should have been," he says.

In this Oct. 25, 2006 file photo, the logo for Microsoft Corp.'s Media Center Edition of the Windows XP operating system is displayed on a screen at a CompUSA store in Bellevue, Wash. On Tuesday, April 8, 2014, Microsoft will end support for its still popular Windows XP. With an estimated 30 percent of businesses and consumers still using the 12-year-old operating system, the move could put everything from the data of major financial institutions to the identities of everyday people in danger if they don't find a way to upgrade soon. (AP Photo/Ted S. Warren, File)

He got his current PC just before Microsoft released Vista in 2007. He never bought another PC because, "As long as the machine is doing what I want it to do, and running the software I need to run, I would never change it."

Mark McCreary, a Philadelphia-based attorney with the firm Fox Rothschild LLP, says could be among the most effected by the end of support, because they don't have the same kinds of firewalls and in-house IT departments that larger companies possess. And if they don't upgrade and something bad happens, they could face lawsuits from customers.

In this Nov. 8 2001 file photo, workers install a 10-story Windows XP banner on a hotel near the Las Vegas Convention Center in Las Vegas. On Tuesday, April 8, 2014, Microsoft will end support for its still popular Windows XP. With an estimated 30 percent of businesses and consumers still using the 12-year-old operating system, the move could put everything from the data of major financial institutions to the identities of everyday people in danger if they don't find a way to upgrade soon. (AP Photo/Joe Cavaretta, File)

But he says he doesn't expect the wide-spread malware attacks and disasters that others are predicting—at least for a while.

"It's not that you blow it off and wait another seven years, but it's not like everything is going to explode on April 8 either," he says.

McCreary points to Microsoft's plans to keep providing malware-related updates for well over a year, adding that he doubts hackers are actually saving up their malware attacks for the day support ends.

But Sam Glines, CEO of Norse, a threat-detection firm with major offices in St. Louis and Silicon Valley, disagrees. He believes hackers have been watching potential targets for some time now.

This July 22, 2009 file photo shows a Windows XP logo on a Hewlett Packard Laptop at a Best Buy in Mountain View, Calif. On Tuesday, April 8, 2014, Microsoft will end support for its still popular Windows XP. With an estimated 30 percent of businesses and consumers still using the 12-year-old operating system, the move could put everything from the data of major financial institutions to the identities of everyday people in danger if they don't find a way to upgrade soon. (AP Photo/Paul Sakuma, File)

"There's a gearing up on the part of the dark side to take advantage of this end of support," Glines says.

He worries most about doctors like his father and others the health care industry, who may be very smart people, but just aren't focused on technology. He notes that health care-related information is 10 to 20 times more valuable on the black market than financial information, because it can be used to create fraudulent medical claims and illegally obtain prescription drugs, making doctor's offices tempting targets.

Meanwhile, without updates from Microsoft, regular people who currently use XP at home need to be extra careful.

Mike Eldridge, 39, of Spring Lake, Mich., says that since his computer is currently on its last legs, he's going to cross his fingers and hope for the best until it finally dies.

"I am worried about security threats, but I'd rather have my identity stolen than put up with Windows 8," he says.

Explore further: Windows XP diehards to fend off hackers on their own

2.7 /5 (3 votes)
add to favorites email to friend print save as pdf

Related Stories

Facing the Windows XP apocalypse? Here are some options

Mar 26, 2014

Are you ready for the "XP Apocalypse" on April 8? That's when Microsoft Corp. plans to stop issuing security updates for the aging, but still-popular XP version of its flagship Windows operating system, which ...

Microsoft to stop updates for XP SP2

Jul 12, 2010

Microsoft this week will stop issuing security fixes for computers running the Windows XP operating system updated with Service Pack 2.

Windows 7 Virtual XP Mode

Apr 28, 2009

(PhysOrg.com) -- Microsoft has decided to give Windows 7 users a tool that will allow them to run Windows XP applications in a virtual machine. The tool is free with Windows 7 but will only be available to ...

Recommended for you

Where's the app for an earthquake warning?

Sep 22, 2014

Among the many things the Bay Area learned from the recent shaker near Napa is that the University of California, Berkeley's earthquake warning system does indeed work for the handful of people who receive its messages, but ...

Hit 'Just Dance' game goes mobile Sept. 25

Sep 18, 2014

Smartphone lovers will get to show off moves almost anywhere with the Sept. 25 release of a free "Just Dance Now" game tuned for mobile Internet lifestyles.

Indie game developers sprouting at Tokyo Game Show

Sep 18, 2014

Nestled among the industry giants at the Tokyo Game Show Thursday are a growing number of small and independent games developers from Asia and Europe, all hoping they are sitting on the next Minecraft.

Review: Ambitious 'Destiny' lacks imagination

Sep 18, 2014

Midway through "Destiny," the new science fiction epic from "Halo" creators Bungie, a smug prince is musing on the hero's desire to visit a mysterious site on Mars.

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

eric_in_chicago
not rated yet Apr 07, 2014
ooo-booon---toooo!!!

it's UBUNTU!

Squirrel
not rated yet Apr 08, 2014
There is no risk: "Microsoft's plans to keep providing malware-related updates for well over a year". If for another year, then MS will do so for many more years--MS is not going to be like an airline that allows boxcutters on flights again. Malware-related updates are a very cheap "homeland" security precaution.
Lex Talonis
not rated yet Apr 08, 2014
Hmmm Microsoft... isn't that the software developer, that has more patches than software?