Windows XP Users at Risk as Software Reaches “End-of-life”

Late last year Microsoft announced that after April 8 Windows XP Service Pack 3 (SP3) customers would no longer receive technical support and updates. This means that any new vulnerabilities discovered in Windows XP after its so-called “end-of-life” date will not be addressed by new security updates from Microsoft.

Microsoft recently estimated that 30 per cent of its small- to mid-size customers are still using XP.  The end of this product’s lifecycle has created something of a countdown for many businesses to address how to update their IT infrastructure. But, if you feel like you somehow missed the memo, don’t worry, you aren’t the only one. Microsoft’s customer surveys discovered that only 55% of small to medium sized businesses know about the end of XP and 70% are unaware of what this change means or how it will impact their business.

What is the risk of continuing to run Windows XP after Microsoft ends support for this operating system? Jay Paulus, Microsoft’s Director of Windows small-business marketing, likened it to “driving a car that you can’t buy parts for anymore.” Microsoft has highlighted 4 potential business implications of continuing to run this product after the “end of life” date.

Security risk

Without security updates, your PC could become vulnerable to harmful viruses, spyware and other malicious software which can steal or damage your data. Once Windows XP is no longer supported by Microsoft you will also find that your anti-virus software will not be able to fully protect you. Microsoft recently warned of a zero-day vulnerability in the Windows XP kernel being exploited in the wild. This bug is called CVE-2013-5065 and affects Windows XP SP2 and SP3 and allows attackers to gain escalated Windows privileges which would allow them to delete or view data, install programs or create accounts with administrator privileges. This vulnerability also seems to affect Windows server 2003.

This zero day vulnerability appears to be just the beginning of a much bigger problem for XP users. Rob VandenBrink from Metafore suggests  that Malware authors are currently biding their time as they know that after the last set of hotfixes for XP is released that they will be able to targetvulnerabilities in Windows XPwithout having to worry about the flaws being patched. Experts are concerned that the number of attacks targeting XP users will skyrocket come April.

Software issues

Support will no longer be available for products being run on Windows XP as software and hardware vendors will be unable to get Windows XP updates. As more software and hardware manufacturers continue to upgrade to more recent versions of Windows you will come across more and more apps and devices that do not work with Windows XP.

No one to call

When you have problems with Windows XP in the future you will no longer have access to online or phone-based IT support from Microsoft.

Down time

You could suffer increased risks of system failure and disruption to your business operations due to the lack of available support, supported software and the increasing age of hardware running this outdated operating system.


Windows XP anti-malware support extended to 2015

Thankfully, the world’s largest software company confirmed earlier this year that it will continue to offer updates to their anti-malware signatures and engine for Windows XP users for more than a year after it stops patching the operating system. According to the Microsoft technet blogpost discussing their decision, the Malicious Software Removal Tool will continue to be provided for Windows XP through July 14, 2015.

Microsoft originally planned to pull the plug on its Microsoft Security Essentials product and not offer updates to XP users at all. Now, while the company will not be offering the programitself for download after April 2014, it will at least be possible to get updates for it.

Whilst the virus warnings and updates will continue until mid 2015, all other support for the software — such as bug fixes, free assistance and software upgrades — is still on track to come to a halt as scheduled on April 8, 2014.

How do I begin my migration?

The AWD IT team have highlighted three potential approaches to ensure a smooth OS migration:

1) New Hardware

Windows XP is 12 years old, and many computers running it will be unable to handle either Windows 7 or Windows 8.1. An AWD IT Audit and Reviewcan help you understand if you require new hardware.

Microsoft highlights a few options for businesses considering moving to a modern PC with the latest productivity and collaboration tools. Instead of battling with hardware requirements, it would probably be simpler to buy a newer computer with either Windows 7 or 8.1 pre-installed. Buying a new machine is the easiest way to migrate, since it is simply a matter of copying all the personal data files from the older machine over to the new one. This could be a good opportunity for you to re-evaluate your company’s existing hardware and modernize your approach to managing your device landscape. Which devices best suit your employees’ roles (desktop, laptop, tablet, or hybrid)?

Major changes in end-user computing including the emergence of numerous new mobile devices, software, and improved operating systems, bring your own device (BYOD) policies and increasing mobility are making it necessary for all businesses to change the way they approach IT.

2) Upgrading old hardware with newer versions of Windows

If your current hardware is capable of supporting Windows 7 or 8.1 , you can’t do an in-place upgrade of Windows 7 or 8.1 on a computer running Windows XP, but you can migrate from a Windows XP computer to a Windows 7 one, preserving data and preferences.

A lot of IT experts prefer migrations to in-place upgrades because the resulting computer is cleaner and much easier to support. Any bad practices that were in place on the old computer can be eliminated.

Once the new OS is up and running,  your files have been copied over and your applications have been reinstalled, the next step is to update all your software packages to the latest versions (many apps will need to be upgraded in order to be compatible with the new OS).  This could be a good time to consider the software applications your business is using. Succesfully moving applications to the new operating environment is usually the longest and most complex activity during an OS migration. Why spend time and money transferring and updating applications that your staff don’t actually use? This could prove to be a bit of a feat as your organisation probably contains hundreds if not thousands of packaged and custom applications. You need to work out what will be the fastest, most effective way to understand what you have and where it is located.

It is important to know not only which applications your business is using, but also how they affect one another.

Do you know which of your team’s applications will work in Windows 7 or 8.1?  All compatibility issues will need to be addressed, batching similar applications to save time. Then everything will need to be tested prior to redeployment.

Virtualising the right applications can make ongoing management and support much easier and save you money.

3) Virtualisation

If your device landscape is changing or purchasing new hardware simply isn’t an option right now this may be the right time to consider virtualisation.

Virtualisation and image layering are modern strategies that offer added flexibility in an increasingly complex tech landscape to easily segregate between personal and corporate services, enable corporate standardization, while quickening the pace of delivery and reducing the cost of desktop support.

Deploying desktop virtualisation is the concept of centralizing logical operating systems for client access. This provides a managed service that is easier and simpler to manage making the need for upgrades and changes an environment simpler to implement and support.  IT organisations can seamlessly deploy, update and patch virtual desktops without any impact to the endpoint devices.

How AWD can help

If you have poor IT infrastructure in place an OS migration will prove to be an extremely difficult and costly process and end up taking a lot longer or failing altogether. For this reason it is vital that organisations make sure that their configuration management infrastructures are healthy and have sufficient excess capacity needed to migrate several devices at the same time during this project. That excess capacity enables IT professionals to provide desktop management and deployment services to parallel operating systems until the OS upgrade is completed, allowing your business to keep running as normal during the migration.

If you are still running XP and are thinking of using a DIY-style migration approach just remember that a mismanaged home-grown migration will cost you more going forward than having professionals manage your OS upgrade for you now.

Let our expert team conduct an IT Audit and Review to understand the best options to meet your business needs. As part of the audit AWD will review your current network hardware and software to determine any sources of weakness which require attention. We will provide you with recommendations for mitigating or eradicating these vulnerabilities. Our IT consultants will develop effective strategies for preventing hackers, data corruption, and malware from costing your business valuable time and money by locating and acting on potential weaknesses before they are exploited. We will also work with you to understand which software applications will be necessary to your business after the OS migration and prioritize those so that every one of your applications is successfully ported over in time. We can advise you as to whether it is in your best interests to virtualize at this point in time.

Whether you’re faced with migrating a small/medium-sized business or enterprise AWD can tailor a Windows XP migration plan that suits your schedule and budget. We will ensure that your business runs optimally now and into the future, equipping you with a long-term IT strategy covering everything from software updates to major migrations.

Enquire about our IT services today.