As Windows XP dies, the risks rise
The world will not end.
Make no mistake, tomorrow is an important day in the history of one of the most successful operating systems of all time. Unless you’ve been living offline for the past six months, you’ve likely already heard about Microsoft’s plans to stop providing security updates and customer support for Windows XP, effective April 8, 2014.
But despite a high-profile campaign to convince users to switch to something newer, data from web analytics firm Net Applications confirms 27 per cent of Internet-capable computers are still using XP. The company’s current-generation operating system, Windows 8, accounts for 11.3 per cent, while Windows 7 machines lead all others with 48.8 per cent.
Unlike the Y2K scare, though, there’s no widespread panic over masses of machines suddenly losing their collective ability to compute. And just like the Y2K scare, the day after will dawn as uneventfully as the day of. Wednesday will be just another day, with legions of XP-equipped systems routinely churning away as they always have.
So what’s the risk?
In a word, security. Windows XP, designed long before Web 2.0, social media and the mobile revolution, simply wasn’t built to deal with today’s broad range of security threats. Hackers traditionally seek out the most popular and weakest platforms, and XP has long been a target of choice by virtue of its user base and its age. Microsoft has done an admirable job keeping the venerable code relatively secure as the threat environment around it continued to intensify, but nothing lasts forever.
With security updates no longer being provided by the company, hackers will increasingly be able to exploit known and newly discovered vulnerabilities with no commensurate response from the vendor. Although Microsoft will continue to provide updated anti-malware signatures until July 2015, existing installations of Windows XP will potentially become more vulnerable over time to an ever-widening range of attacks, including viruses, identity theft and zombie nets.
While the machines themselves may continue to function as they always have, the risks associated with being victimized by hackers will rise – and companies that fail to adequately protect their legacy XP computers could find themselves victimized. A compromised machine could be used by hackers to launch additional attacks on clients and other stakeholders. Companies must weigh the risks of maintaining outdated infrastructure against the potential brand-compromising impact of being fingered as the unwitting source of a widespread attack.
XP-running organizations, many of which can’t or won’t cost-justify upgrading customized implementations like bank machines and laboratory solutions, can continue to use third party security products – which in many cases will continue to be supported.
A new OS landscape
Microsoft’s failure to successfully transition the majority of XP users to a current operating system reflects just how radically the landscape has changed since the product was first introduced. Crashing sales of traditional computers means owners no longer blindly upgrade from one generation to the next as they upgrade their hardware. The exploding popularity of mobile devices means PCs and their associated operating systems are no longer the only devices competing for budget priority.
The rapid shift to free operating systems also threatens Microsoft’s revenues from this once-lucrative source. Apple’s latest desktop offering, Max OS X 10.9 Mavericks, is now a free upgrade to existing customers, while mobile operating systems like iOS and Android have long been free to end-users. Microsoft’s recent announcement that Windows licenses for tablets under 9 inches will also be free is a nod to the crushing competition, and another move away from a market that fuelled the company’s growth for much of its history.
Those days are long gone. And while the world won’t end with the withdrawal of support for XP, it has changed irrevocably for the company that started it all.