I just checked the time, and as I write this post we still have 10 hours of support. By the time you read this, the timer will have reached 0.
That means that updates, including security updates, will no longer be provided for Windows XP from Microsoft.
- 10 years of support (5 years Mainstream Support and 5 years Extended Support) at the supported service pack level for Business, Developer and Desktop Operating System products
- 5 years Mainstream Support at the supported service pack level for Consumer and Multimedia products
- 4 years Mainstream Support for Consumer Hardware products
Please refer to Microsoft Support Lifecycle page for more details.
Thoughts to Consider
I have heard from a lot of people telling me that they will still keep using their XP because as “they” say, it’s the best OS for them. In this scenario, items that should be taken in consideration include:
- Are their XP machines domain joined?
- Does their imaging process produce local Administrator passwords that are all the same?
- Does their Domain Admins use their credentials to browse the web & check email on XP machines?
- Do they have any Service Accounts running with Domain Admin?
According to the Microsoft Security Blog
The types of attacks that we expect to target Windows XP systems after April 8th, 2014 will likely reflect the motivations of modern day attackers. Cybercriminals will work to take advantage of businesses and people running software that no longer has updates available to repair issues. Over time, attackers will evolve their malicious software, malicious websites, and phishing attacks to take advantage of any newly discovered vulnerabilities in Windows XP, which post April 8th, will no longer be fixed.
The Microsoft Security Blog also identifies additional possible risks that include:
- Surfing the internet
- Opening email and using instant messaging (IM)
- Using removable drives
- Worms will use any newly discovered vulnerabilities to attack windows XP
The following chart shows the encounter rate in comparison to the infection rate by operating system and service pack. The thing to keep in consideration is that while the encounter rate is similar across all Windows offerings, Windows XP could potentially pose a larger infection rate.
*The charts above are based on existing data to date of the source, and do not anticipate additional effects of post-support Windows XP encounter and infection rates. Source: http://blogs.technet.com/b/mmpc/archive/2013/10/29/infection-rates-and-end-of-support-for-windows-xp.aspx
So What Should You Do?
There are ways to manage some of the risks of running Windows XP post April 8. However, none as good as upgrading to a supported platform. So our best guidance is clear: the best option is to migrate to a modern operating system like Windows 7 or Windows 8. If you’re still rocking the XP, start by visiting AmIRunningXP.com, a website that provides guidance on how to upgrade.