All of this month's bulletins affect Windows XP, for which Microsoft will be ending support next month. Microsoft, along with most security organizations, has been urging XP users to upgrade, with somewhat limited results. After April, Microsoft will no longer fix newly discovered XP security holes.
As a result, Windows XP will become much less secure in the coming months, Kandek warned. Given the size of the Windows code base, many of the patches that Microsoft issues each month cover vulnerabilities found in all versions of Windows, at least back to XP. After April, attackers can examine these patches to pinpoint where vulnerabilities may be, and seek them in the no-longer-supported Windows XP.
"Half of the work has already been done for them," Kandek said.
Qualys tracks the percentage of its enterprise users that still deploy XP. In February that number has shrunk to about 14 percent, two percentage points lower than the month prior.