Windows XP expires today: here's what you need to do…

By Sooraj Shah
08 Apr 2014 View Comments
Windows XP deadline cut of banner

Microsoft's long-running Windows XP operating system expires today, meaning that there will be no more official security updates and patches for the software.

While many governments, including the Netherlands and the UK, have signed deals with Microsoft to provide support and security updates across the public sector for a further 12 months, private sector organisations have been urged to upgrade to a more recent operating system such as Windows 7 or Windows 8.

Further reading

Gartner estimates that one-third of organisations currently have more than 10 per cent of their systems on XP.

The risk, Microsoft suggests, is that cyber criminals will be more likely to be able to comprise and infect XP systems.

But despite this, Mark Carter, executive adviser in KPMG's CIO Advisory division, told Computing that organisations shouldn't be overly concerned.

"I'm not sure it's going to be the complete apocalypse that everyone says it's going to be," he said.

"I think there is potential exposure to hackers who are waiting out there to swoop on this, but it's hard to quantify how big a problem it's going to be," he said.

Carter advised CIOs not to "take the risk and leave yourself open".

Neil MacDonald, vice president at Gartner, explained that XP can continue to be used with the risk kept to a tolerable level, without requiring the enterprise to pay Microsoft for expensive custom support while migrations are completed.

Gartner does not believe that organisations or their auditors will do nothing, as they wouldn't find this level of risk acceptable.

The research firm suggests that companies should follow best practices while restricting network connectivity to the minimum possible, implementing an application control solution and memory protection, and removing administrative rights.

Other best practices Gartner suggests include removing web browsing and email software from XP systems, and instead providing these capabilities from a server-based system that is up to date; keeping other software up to date including Office; and having a predefined process ready if an XP breach occurs.

Organisations should perform a cost/benefit analysis, it said, as rather than trying to retain XP and mitigate risks, it could be easy to migrate the remaining XP systems or pay Microsoft for custom support.

Meanwhile, the government's £5.5m deal to extend XP support for a further year has been called into question by Robert Rutherford, CEO of business IT consultancy QuoStar.

"The year-long extension of Windows XP support purchased by the UK government shows how unprepared the UK still is for the risks threatening its technical infrastructure," he said.

"Whilst the public sector has been bailed out in a last-minute extension, any British companies that have not upgraded will, from today, be exposed to numerous vulnerabilities which could leave them at serious risk of hacking, invasive malware and highly destructive viruses," he added.

Those organisations that are still using Windows XP will welcome the news that Google will support its Chrome web browser on XP until April 2015, while antivirus companies will also update their software running on XP PCs until 2015.

Reader comments
blog comments powered by Disqus
Newsletters
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?