Nearly a Third of PCs Poised to Become Cybercrime Targets

Windows XP prepares to visit the OS graveyard
Windows XP prepares to visit the OS graveyard

The official funeral for Windows XP support comes early next week, on April 8, after which users will no longer be provided new security updates, non-security hotfixes, free or paid assisted support options, or online technical content updates for the apparently still popular operating system. Microsoft warned last summer that failure to migrate from XP to more current versions, including Windows 7 and Windows 8, would leave users susceptible to permanent zero-day exploits, as the company would no longer issue security updates for newly discovered vulnerabilities affecting Windows XP.

This milestone date comes at a time when nearly a third of PCs in use still run on Windows XP. According to data from Trend Micro, 32% of PCs still deploy the old operating system, which makes them a highly vulnerable attack target. The most recent data from Net Applications, which tracks use patterns in the PC market, puts this number at a relatively similar 27.69% as of March 2014.

An end to security updates means that any previously unknown vulnerability – commonly called zero-day – would run through Windows XP systems without restraint, leaving any individual or business that failed to update unprotected in the face of newly developed exploits by cybercriminals and hackers.

“The world has never faced a situation quite like this”, wrote Christopher Budd, threat communications manager at Trend Micro, in a recent blog. “Versions of Windows have gone out of support in the past, but never in such wide usage.” Budd advised that, following this April 8 cut-off date, the large number of Windows XP machines still in use will become “a real threat to everyone on the Internet.”

With the loss of security updates for Windows XP, Budd warned that the necessity to migrate to newer versions of Windows is no longer a personal or business choice, but an imperative that has far reaching inoculation-like effects on the entire computing and internet ecosystem. He predicted that those running Windows XP will “become more of a danger to others than themselves”, and asserted that, “just like a public health crisis, different rules apply because of the threat to the greater good.”

Microsoft itself has acknowledged the danger of a security pandemic resulting from continued use of Windows XP. Back in January of this year, the company said it would extend updates to its anti-malware signatures and engine for Windows XP products until July 2015, including its consumer-focused Security Essentials.

Regardless of this reprieve, Microsoft warned it was unwise to delay upgrading to newer operating system choices. “Our research shows that the effectiveness of anti-malware solutions on out-of-support operating systems is limited,” the company cautioned at the time. “Running a well-protected solution starts with using modern software and hardware designed to help protect against today’s threat landscape.”

What’s Hot on Infosecurity Magazine?