Tuesday, March 18, 2014

XP End of an Era or... Deja Vu All Over Again!

   Unless you just came back from time traveling, you know that Microsoft is ending support for the XP
operating system on April 8.  To be clear... April 8 is Patch Tuesday, so that will be the last set of updates for XP.  Sort of.

   XP has been one of Microsoft's most popular desktop operating systems and many organizations are dependent upon it.  Many organizations have not yet updated to Windows 7 or 8 and the clock is ticking.  I'd like to look at what that means and share a few ideas of what we can do to protect ourselves and our organizations.

   Microsoft will be stopping all patches, hotfixes and enhancements to XP after April 8.  Anti-virus signatures will continue to be made available.  This means that any vulnerabilities that are discovered or disclosed might not be fixed.  Organizations will need to figure out if they are vulnerable to any new threats and then weigh the risks associated with their options.

   There has been some speculation that online criminal organizations may be stocking up on new vulnerabilities so these can be released after the last patch date.  We can't know if this is true, but it is possible.

   So... if you are still running XP, and need to continue to run XP, what can you do?  Let's do a high-level threat analysis: