The Windows XP end of life is months away but the clock is ticking. Are IT managers listening? Once April 8, 2014 hits, businesses using Windows XP won't be protected against new malware attacks.
Microsoft has released its latest Microsoft's Security Intelligence Report, which analyzes cyber exploits and threats in over 600 million computers worldwide.
One of the report's messages is grim when it comes to compliance . The finding: Windows XP systems had an infection rate that was six times higher than Windows 8.
On Tuesday, Tom Rains, Microsoft's Director, Trustworthy Computing, posted his observations about the cybersecurity report. Rains sent out a wake-up call about the risks of running unsupported software . On April 8, 2014, support will end for Windows XP, and that means no more "hotfixes," no more security updates, no more assisted support options.
After the end of support, attackers will have an advantage, said Rains. When Microsoft releases monthly security updates for supported versions of Windows, attackers will try to reverse-engineer them to identify vulnerabilities in Windows XP.
No Basement Hobbyists
If they succeed, attackers will then move to develop exploit code to leverage those vulnerabilities. Rains noted that “inevitably there is a tipping point where dated software and hardware can no longer defend against modern day threats and increasingly sophisticated cybercriminals."
The report noted key threats for those running Windows XP are Sality, malware that steals information and lowers PC security settings; Ramnit, malware that attacks executable files, Microsoft Office files and HTML files; and Vobfus, worms that download other malware onto PCs.
“Today’s cybercriminals aren’t the hobbyists we saw developing malicious software from their basements in the 1990s,” said Rains. “Cybercriminals today are no longer motivated by fame and notoriety; they are well funded underground organizations, often with advanced capabilities that include large-scale malware automation , who are motivated by profit or seek to cause real financial or political harm.”
Are business managers listening? A recent survey suggests not all managers are prepared. A study announced in September, "Application Usage Management Survey: Software Migrations & Application Readiness," from application usage management company Flexera Software, prepared jointly with IDC, surveyed enterprises planning their OS migrations. (continued...)