After spending most of 2013 reminding everyone that extended support for Windows XP would end on 8 April 2014, Microsoft has now said it will continue to deliver Windows XP signatures for its security products until July 2015. Even though signature updates only represent a tiny element of what operating system support requires, this is a bad idea.
In a blog post this morning, Microsoft said that it would continue to produce “updates to our antimalware signatures and engine for Windows XP users through July 14, 2015”. Updates will be available for Microsoft Security Essentials for consumers, and to System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection and Windows Intune for enterprises.
Part of me is willing to accept that companies which have only recently begun migration efforts might benefit from additional security support to complete the process. But a much bigger part of me wants to say: let’s get real here. Windows XP has already had a three-year extension on its supported life. If you haven’t managed to update your infrastructure to handle its successors, your business is already in real trouble. Security hand-holding isn’t going to help with that, a point Microsoft acknowledges in its update:
Running a well-protected solution starts with using modern software and hardware designed to help protect against today’s threat landscape.
Quite. If you’re still using a 13-year-old operating system for business functions, there’s something wrong with your processes.
The other problem? Making this move will just fuel the ongoing chatter that Windows 8 has not been successful enough.
Microsoft antimalware support for Windows XP [Malware Protection Centre]