How To Deal With The Death Of Windows XP

Almost 13 years after its release in October 2001 to a world still in shock after the 9/11 terror attacks, the sun is finally setting on Microsoft's Windows XP. The operating system has been the software in many home and work PCs but for die-hard users who continue to use XP, danger that way lies.

Picture:

All operating systems have a service life, and Windows XP has had an exceptionally long one. The problem for XP, short for extended user "eXPerience", is that it is still being used on hundreds of millions of computers globally.

In February 2014, just under 30 per cent of PCs around the world are still running XP, despite there being three later versions of Windows to choose from (Vista, Windows 7, Windows 8 and its tweak edition 8.1).

The risks of soldiering on

While some die-hard XP users will be in the process of moving on to Windows 7 or 8, there will certainly be those who soldier on after the expiry date on April 8.

After all, XP is a robust operating system that has given them many years of service despite numerous patches and updates.

The problem for people who continue to use (internet-connected) XP after support ends will be a growing number of security vulnerabilities that will not be solved by the periodic updates and hot-fixes from Microsoft. Nor will those users be able to get technical support for any other problems they might have with XP.

Microsoft admits:

If you continue to use Windows XP after support ends, your computer will still work but it might become more vulnerable to security risks and viruses.

Open to attack

As in any ongoing war, when defenders withdraw from battle, attackers (and hackers) take advantage. They have almost certainly been making plans in anticipation of the day when millions of XP computers become more vulnerable. That day is April 8, 2014.

Microsoft's director of trustworthy computing, Tim Rains, issued a statement last August warning that security patches for later versions of Windows could inadvertently give cyber-criminals the information they need to reverse-engineer a successful attack on unsupported versions of Windows.

This can happen because under the skin, there is a large amount of program code in common between the different versions of the Windows operating system. So patch the code for Windows 7 and 8 and you reveal a potential flaw in XP that won't be patched.

It is true that up-to-date XP still has reasonable capability to withstand attack, and anti-virus and malware detection software can do a good job.

Nonetheless, the risks of being hacked will rise substantially, particularly when older iinternet browsers are still being used.

The Microsoft Security Intelligence Report goes into detail for those who are interested.

What can XP users do?

Individual users can take the obvious course of updating to a later version of Windows at their convenience (and Microsoft offers some advice here), or they might take the opportunity to switch to an alternative operating system. There's several to choose from.

For those on a budget, the growing number of online retailers selling computers at close to wholesale prices is making the purchase of new or nearly new equipment surprisingly affordable.

For organisations though, particularly larger ones, the task of migration can be a lengthy one that requires months if not years to complete, not the days and weeks left to them before the sun sets on XP support.

For these folks, some timely advice for staying safe is in order.

Crash course in managing the risk of cyber-intrusion

The Information Security Manual, a publication of the Australian Signals Directorate (ASD) gives some useful advice for anyone wanting to protect themselves against the threat of cyber-attack.

  • Application white-listing. Where a list of verified, trusted programs is created for the PC based on the job it is required to do. If these are the only programs permitted to be installed on the computer, then potentially dangerous programs (including Dynamic Link Libraries or DLLs), scripts and installers) can not be executed
  • Patching applications. As soon as they become available, install updates and fixes to the white-listed applications, including Java, PDF viewer, web browser, Microsoft Office and others. Older versions of internet browsers are particularly vulnerable
  • Patching operating systems. Automatically download and install the latest security patches and hot-fixes as soon as they become available. The ASD specifically recommends not using Windows XP due to the inherent risk
  • Restrict administrator privileges. Only those people whose job requires them to install and make changes to operating systems and applications should have admin access.

If implemented, these four security measures have proved to be very effective.

For XP users, performing the three out of the four that are possible, plus using up-to-date anti-virus and anti-malware software, will go a long way to protecting an XP computer until you are ready to migrate to a supported operating system.

To get really serious about this, see the full list of 35 Strategies to Mitigate Targeted Cyber Intrusions (and be ready for some fine print).

The end of an era

As the sun finally sets on venerable old XP, it is timely to reflect a moment on the end of an era when a single operating system dominated the market.

Those days are fast disappearing with new paradigms of computing (Android, iOS, cloud computing, wireless mobile, open source) taking a growing share of the overall market.

The folks at Microsoft must be more than a little concerned.

David Tuffley is Lecturer in Applied Ethics & Socio-Technical Studies at Griffith University. He does not work for, consult to, own shares in or receive funding from any company or organisation that would benefit from this article, and has no relevant affiliations.

The ConversationThis article was originally published on The Conversation. Read the original article.

WATCH MORE: Tech News

Comments

    Wow... the juxtaposition of XP and 911 occurring at around the same time just blew my mind. I don't remember those two things in the same time line....! :)

    So on my virtual machine running XP, I just disable the network interface. Right?

      I was going to ask the same question, at work we use an iMac with XP running in VMware for our POS software. Is that safe?

        As long as it's not connected to the internet, you are fine.

    So do the licence key activation servers go down on April too? Will it be impossible to activate windows XP after end of life?

    The champagne is on ice. I still have clients running it. The sooner I can say "dead OS,, no support" the better.

    There is no alternative light-weight OS from Microsoft.

      I agree - but even more so. I've got machines running XP, that struggle with even some of the lightest of (relatively usable) Linuxes (eg. Puppy, DSL, etc). XP is (was) a wonder on old machines.

      What about Windows 7 Starter Edition?

    If MS would make the Windows8 upgrade also work for customers on XP then they might get some takeup.
    We bought the Win8 upgrade disc only to find it will only allow upgrades from Vista or Win7, not from XP.

      +1. I was upgrading a family from XP to 8.1 over the weekend, and they really have gone out of their way to make the upgrade path difficult.
      -The upgrade disc can only perform a full install, not an in-place upgrade. I could forgive that, except..
      -Windows Easy Transfer only lets you upgade from vista/7 to 8.1, or from XP to vista/7. You would need to perform intermediate installs of a different OS to make that work.
      -They don't ship it with anything that can handle old outlook express files. To make that work you have to manually install 'microsoft live 2012' (it's not in the app store), import all the old data files, and then set up all your accounts again by hand. Given I've been able to copy the same thunderbird profile from computer to computer since 2004 without losing a single setting, I don't think there's a justification for this.

      I understand why the in-place upgrade doesn't really work, but a lot of problems could be averted if they'd just made the easy transfer tool work. A one-click approach to copy all their photos/music/email/bookmarks from one computer to another would make a lot of users happy and this would be far less of an ordeal.

    Hi Computer Genius! Please Find Some Ways To Help XP Alive. P..L..E..A..S..E..!

    The Australian Defence Force is still running WIndows XP on virtually all its computers (though I am told there are "a handful" running Windows 7), and there has been no information that this is changing in the foreseeable future - with all the recent budget cuts and Windows XP's end-of-life just around the corner, it would seem that security is no longer a top priority for the Defence Force!

    Ideally the Government would roll-out WIndows 7 or later to all their computers before the deadline... But that's one heck of an upgrade between now and April 8th, considering the Australian Defence Force has 100,000 computers under a "best-case scenario", and in the miid-high hundreds of thousands in a "worse-case scenario"!

    I would imagine that they have an IT team "somewhere" on watch 24/7... But why should they (the assumed IT team) be lumped with the worry of outdated software, when there are far more pressing issues affecting our Defence Force, country and the world-at-large?

    It's just a complete waste of time, money and other resources!

    The alternative is a Linux-based operating system like Ubuntu... Though historically, Western governments in general are very anti-Linux/Open Source, even when software catering to their niche requirements is made available (if you ask me, this is more about filling Microsoft's pockets than about an issue with Linux/Open Source itself though).

Join the discussion!

Trending Stories Right Now