Microsoft warns of Windows XP zero day vulnerability

Redmond urges businesses to migrate to Windows 7 or 8 to avoid zero-day flaw.

Danger sign

Microsoft continues to urge Windows XP users to upgrade to either Windows 7 or Windows 8 before support for the older operating system ends in 2014.

When support for Windows XP ends in April 2014, systems running the OS will effectively have a 'zero date' vulnerability forever, warned Tim Rains, a director of Microsoft's Trustworthy Computing group.

"When Microsoft releases a security update, security researchers and criminals will often times reverse engineer the security update in short order in an effort to identify the specific section of code that contains the vulnerability addressed by the update," Rains noted in a blog post entitledThe risk of running Windows XP after support ends April 2014'.

"But after April 8, 2014, organizations that continue to run Windows XP won't have this advantage over attackers any longer."

Rains claimed hackers will reverse engineer updates in the first security package released after XP is no longer supported as soon as it is issued and attempt to apply them to the older operating system.

"Since a security update will never become available for Windows XP to address these vulnerabilities, Windows XP will essentially have a 'zero day' vulnerability forever," he said.

"As for the security mitigations that Windows XP Service Pack 3 has, they were state of the art when they were developed many years ago. But ... the security mitigations built into Windows XP are no longer sufficient to blunt many of the modern day attacks we currently see," Rains added.

Microsoft began a countdown for the end of Windows XP support in July 2011. With one year to go before the end of support, on 8 April 2013, the company also warned 600 million PC users would be at serious risk if they did not upgrade to a more recent operating system.

However analyst house Ovum said in users should not feel pressured to upgrade to Windows 7 or 8.

"If we assume that Windows XP systems have the latest patches, fixes and up-to-date security software installed ... there is no reason to believe that life after [April 2014] will be any different than before," Richard Edwards, principal analyst at Ovum said.

Nevertheless, Rains concluded his blog post by warning "organisations need a level of certainty about the integrity of their systems. Minimising the number of systems running unsupported operating systems is helpful in achieving that".

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

5 Jul 2021
Managing a late migration
Microsoft Windows

Managing a late migration

11 Feb 2021
Windows 10 vs Windows 8.1: which is best for you?
operating systems

Windows 10 vs Windows 8.1: which is best for you?

29 Jan 2021
16 ways to speed up your laptop
Laptops

16 ways to speed up your laptop

16 Sep 2020

Most Popular

The benefits of workload optimisation
Sponsored

The benefits of workload optimisation

16 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
Six ways boards can step up support for cyber security
Business strategy

Six ways boards can step up support for cyber security

22 Jul 2021