0 Members and 1 Guest are viewing this topic.
There are three months to go for Windows XP. The ancient operating system is leaving extended support on April 8, at which point Microsoft will no longer ship free security fixes. XP itself isn't the only thing that's losing support on that date. The Windows XP version of Microsoft Security Essentials, the company's anti-malware app, will stop receiving signature updates on that date and will also be removed for download.The message is clear: after April 8, Windows XP will be insecure, and Redmond isn't going to provide even a partial remedy for the security issues that will arise. Antivirus software is just papering over the cracks if the operating system itself isn't getting fixed.In contrast, both Google and Mozilla will provide updates for Chrome and Firefox beyond the cessation of Microsoft's support. Google has committed to supporting Chrome until April 2015.With three months to go and Windows XP still holding almost a thirty-percent usage share of the Web, the ending of support is going to have an impact on a lot of people. Still, it's unlikely that killing off MSE is going to be the straw that breaks the camel's back and forces these Windows XP holdouts to upgrade.The big question is, what will? XP's end of life shouldn't come as a surprise to anyone, but there are plenty of XP users who evidently don't care. There's no chance now that the remaining users will migrate off the operating system in the few remaining months of support. An abundance of insecure, exploitable, and most likely exploited Windows XP machines is now an inevitability.
Earlier this month, we reported that Microsoft would stop providing updates for Microsoft Security Essentials on Windows XP on April 8, the same day that it will cease providing security fixes for Windows XP. The company has now altered its stance and will produce signature updates for Security Essentials until July 14, 2015.This change, it says, is to help organizations complete their migrations. Of course, using that rationale, the company should extend Windows XP's support until the heat death of the universe.While it will provide updated signature definitions, the company warns that its research "shows that the effectiveness of anti-malware solutions on out-of-support operating systems is limited." In other words, it's hard to provide a robust anti-malware system when hostile code can penetrate processes and the kernel willy-nilly just through attacking the browser.
Part of me is willing to accept that companies which have only recently begun migration efforts might benefit from additional security support to complete the process. But a much bigger part of me wants to say: let’s get real here. Windows XP has already had a three-year extension on its supported life. If you haven’t managed to update your infrastructure to handle its successors, your business is already in real trouble. Security hand-holding isn’t going to help with that, a point Microsoft acknowledges in its update:Quote Running a well-protected solution starts with using modern software and hardware designed to help protect against today’s threat landscape.Quite. If you’re still using a 13-year-old operating system for business functions, there’s something wrong with your processes.The other problem? Making this move will just fuel the ongoing chatter that Windows 8 has not been successful enough.
Running a well-protected solution starts with using modern software and hardware designed to help protect against today’s threat landscape.