The Windows XP Zombie Apocalypse

The countdown is finally over for those looking for extended life support for XP (unless they've inked a deal). But are they still secure?

"Supporting operating systems beyond their end-of-life is nothing new for the corporate IT department, and there are plenty of ways-and-means to reduce or mitigate the risks associated with unsupported software. In the meantime, Google has said that it will support its Chrome web browser on Windows XP until April 2015, and antivirus vendors (including Microsoft) have said they will continue to update their software running on Windows XP computers until 2015."

While Windows XP and Windows 7 stand roughly shoulder-to-shoulder in terms of infection rates when there is no real-time anti-malware protection in place, with such armour Windows 7 leapfrogs clearly into the 'much safer' category.

What isn't in question is that, after today, software updates (wave goodbye to Patch Tuesday' for XP and service packs) will cease and desist. Even if a gaping big vulnerability is uncovered, regardless of whether there's a zero-day in the wild causing all kinds of damage or whatever, there will be no more security patches.

That much is stone cold fact. Existing patches may well - given the sheer number of XP instances still out there - be available online for some time yet. That doesn't alter the frankly worrying fact that any new vulnerabilities are going to be left to unpatched and accessible for anyone to exploit as they wish.

Research suggests that as many as a third of existing malware infections across operating systems can be put down, at some level, to a lack of timely security patching. It's common sense really, and doesn't take an IT security genius to work out that an unpatched piece of software (be that third-party application or core OS) is far more likely to get infected by an exploit than one that has been patched against a specific vulnerability.

At the OS level, it's also clear that while Windows XP and Windows 7 stand roughly shoulder-to-shoulder in terms of infection rates when there is no real-time anti-malware protection in place, with such armour Windows 7 leapfrogs clearly into the 'much safer' category.

Windows 8 hasn't been covered off in this feature yet for two key reasons. Firstly it just hasn't made any kind of impact upon the enterprise migration radar as of yet. Secondly, real-time protection comes built-in and, as a result infection rates are so low as to be all but invisible right now.

Indeed, about 0.2 per 1,000 compared to 4.2 per 1,000 for XP machines. Take away the real-time malware protection and XP rates shoot up to 15.6 per 1,000 according to Microsoft's own Malicious Software Removal Tool figures. This latter statistic is an important one in terms of the Windows XP security risk analysis. That's because the bad guys tend to focus their attention and resources where the biggest profit lays.

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

Google, Microsoft fight over documents in antitrust lawsuit
Policy & legislation

Google, Microsoft fight over documents in antitrust lawsuit

30 Jul 2021
Microsoft cracks down on sophisticated BEC scam campaign
scams

Microsoft cracks down on sophisticated BEC scam campaign

20 Jul 2021
Security researchers uncover more Print Spooler vulnerabilities
vulnerability

Security researchers uncover more Print Spooler vulnerabilities

19 Jul 2021
Microsoft customers will be able to record, report, and reduce their emissions
cloud computing

Microsoft customers will be able to record, report, and reduce their emissions

14 Jul 2021

Most Popular

RMIT to be first Australian university to implement AWS supercomputing facility
high-performance computing (HPC)

RMIT to be first Australian university to implement AWS supercomputing facility

28 Jul 2021
Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
Zyxel USG Flex 200 review: A timely and effective solution
Security

Zyxel USG Flex 200 review: A timely and effective solution

28 Jul 2021