Recently, I have noticed considerable buzz regarding a Windows XP support announcement by Microsoft. What I have been hearing from customers over the last couple of weeks is, “Hey, did you hear Microsoft extended XP support again?” Unfortunately, this is not completely accurate; Microsoft will not be patching Windows XP after April 8th. What Microsoft did announce last month was that it would be delivering security signatures through its anti-malware products that will help to protect systems, including those still running Windows XP. For more on what this really means for your organization, read on.
What we’re really talking about here is updates to your security software, not updates to the OS itself. Make no mistake—Microsoft is ending support for Windows XP right on schedule on April 8, 2014. Now, if you are not using one of those anti-virus products—specifically System Center Endpoint Protection (or SCEP, which is included in the Core CAL), older variations of SCEP including Forefront Endpoint Protection and Forefront Client Security, or Windows Intune—this announcement does not affect you at all. And of course, if you have already made the move to Windows 7, you are okay as well.
Regardless of last month’s announcement, it is our assessment that PCs still running the now 12-year-old OS will be extremely vulnerable to attack after April 8th. As Scott Bekker puts it in his recent blog post, it will literally be “open season for the creation of zero-day attacks.” Here at PC Connection, our strong recommendation is that our customers migrate off of XP as soon as possible to mitigate security risk.
As I meet with customers in the field, I’ve noticed that most companies are well down the road to having a standardized Windows 7 Professional or Windows 7 Enterprise environment today. Those that are not seem to at least have a plan, and a goal, to get there by April. In fact, I was at a client’s office the other day having this exact conversation. The IT Director told me that they had completely migrated to Windows 7 Pro, but on our way out of the office after the meeting, I saw at least one machine that had a Windows XP screen saver. When I pointed it out, he indicated that yes, there were probably some stray machines here and there that did not receive the update. So even if you have a plan, keep an eye out for those stragglers, possibly older or secondary machines, which may be overlooked or just not viable for a modern OS. After April 8th, those systems will become vulnerable points for malware and virus attacks.
Finally, I’d like to make a note about Windows 7 with “XP Mode.” XP Mode is actually a full virtualized instance of Windows XP and would be equally vulnerable to new malicious code. It is therefore no longer recommended that you make use of it. Instead, focus your attention on bringing those applications that run on XP up to date where possible.
We know that everyone has been beating the get-off-XP drum for a long time now. We hear it every day, too. But truly, now is go time! Here’s a good place to get started.