The Risk of Running XP after April 8, 2014

Windows XP is, in the opinion of many, the best operating system Microsoft has ever produced. On April 8, 2014, Microsoft finally ended support for the aging operating system. This venerable operating system continues to function just like it always has, steadfast and resolute; however, now danger lurks in every shadow, ready to make Windows XP an intolerable security risk. Surfing the Internet, reading email, and even putting a flash drive in the USB port could lead to a security breach against which there will never be a defense. Antivirus and firewalls can help stave off many threats; however, when the core of the operating system is vulnerable because it can no longer be patched against threats, tools like firewalls and antivirus that rely on information from the operating system cannot be entirely trusted to keep your data safe.

Twenty days after the last patches for Windows XP went out, a flaw was found in Internet Explorer versions supported by XP. These Internet Explorer versions running on XP will not receive any patches because the operating system is unsupported. What makes this flaw even more dangerous is the media coverage it has received. Major news outlets, including ABC News, Time, the Washington Post, Fox News, and even the BBC, have been reporting on the flaw since FireEye made it public. This is the first of many security holes that will continue to be punched in the operating system, never to be plugged.

Another threat to the security of Windows XP is the continued patching of modern operating systems like Windows 7 and 8. Attackers routinely reverse engineer Windows security updates every Patch Tuesday to develop ways to exploit the fixed flaws in unpatched systems. How can patches for other, newer operating systems affect Windows XP, you may ask? All versions of Windows share some common code. Microsoft doesn’t start from scratch with each new operating system it releases. In fact, according to a broadcast I watched, Microsoft stated that between July 2012 and July 2013, 45 security patches were released for Windows XP. Of those 45 security patches, 30 also affected Windows 7. Just over 66% of all the security threats discovered for Windows XP in that one-year time frame affected both modern and legacy operating systems. If that trend continues over the next year, every month Windows XP will become more and more of a target.

The best course of action when deciding how to combat this threat is, of course, to migrate to a newer supported operating system. If that is not an option, taking your Windows XP clients off of the network and physically separating them from the rest of the world is the next best thing. Virtual machines not allowed to access the Internet are also a valid solution. If your XP systems have to be connected, the only way to protect your data is to perform multiple, regular offline backups of the system and the data to ensure you can revert to a previous version any time the XP system is compromised. Call me for a free basic assessment of your Windows XP systems and for a recommendation on how best to migrate to a more secure environment today.
