The Windows XP Zombie Apocalypse

The countdown is finally over for those looking for extended life support for XP (unless they've inked a deal). But are they still secure?

"Supporting operating systems beyond their end-of-life is nothing new for the corporate IT department, and there are plenty of ways-and-means to reduce or mitigate the risks associated with unsupported software. In the meantime, Google has said that it will support its Chrome web browser on Windows XP until April 2015, and antivirus vendors (including Microsoft) have said they will continue to update their software running on Windows XP computers until 2015."

Advertisement - Article continues below

While Windows XP and Windows 7 stand roughly shoulder-to-shoulder in terms of infection rates when there is no real-time anti-malware protection in place, with such armour Windows 7 leapfrogs clearly into the 'much safer' category.

What isn't in question is that, after today, software updates (wave goodbye to Patch Tuesday' for XP and service packs) will cease and desist. Even if a gaping big vulnerability is uncovered, regardless of whether there's a zero-day in the wild causing all kinds of damage or whatever, there will be no more security patches.

That much is stone cold fact. Existing patches may well - given the sheer number of XP instances still out there - be available online for some time yet. That doesn't alter the frankly worrying fact that any new vulnerabilities are going to be left to unpatched and accessible for anyone to exploit as they wish.

Advertisement
Advertisement - Article continues below

Research suggests that as many as a third of existing malware infections across operating systems can be put down, at some level, to a lack of timely security patching. It's common sense really, and doesn't take an IT security genius to work out that an unpatched piece of software (be that third-party application or core OS) is far more likely to get infected by an exploit than one that has been patched against a specific vulnerability.

Advertisement - Article continues below

At the OS level, it's also clear that while Windows XP and Windows 7 stand roughly shoulder-to-shoulder in terms of infection rates when there is no real-time anti-malware protection in place, with such armour Windows 7 leapfrogs clearly into the 'much safer' category.

Windows 8 hasn't been covered off in this feature yet for two key reasons. Firstly it just hasn't made any kind of impact upon the enterprise migration radar as of yet. Secondly, real-time protection comes built-in and, as a result infection rates are so low as to be all but invisible right now.

Indeed, about 0.2 per 1,000 compared to 4.2 per 1,000 for XP machines. Take away the real-time malware protection and XP rates shoot up to 15.6 per 1,000 according to Microsoft's own Malicious Software Removal Tool figures. This latter statistic is an important one in terms of the Windows XP security risk analysis. That's because the bad guys tend to focus their attention and resources where the biggest profit lays.

Featured Resources

Navigating the new normal: A fast guide to remote working

A smooth transition will support operations for years to come

Download now

Putting a spotlight on cyber security

An examination of the current cyber security landscape

Download now

The economics of infrastructure scalability

Find the most cost-effective and least risky way to scale

Download now

IT operations overload hinders digital transformation

Clearing the path towards a modernised system of agreement

Download now
Advertisement

Most Popular

Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/business/policy-legislation/356256/uk-invested-about-ps500m-in-wrong-gps-satellites
Policy & legislation

UK gov buys "wrong" satellites in £500m blunder

29 Jun 2020
Visit/security/34616/the-top-password-cracking-techniques-used-by-hackers
Security

The top 12 password-cracking techniques used by hackers

12 Jun 2020