March 18, 2014
As Microsoft Ends Windows XP Era, Some Government Computers Could Become Vulnerable
Peter Suciu for redOrbit.com - Your Universe Online
According to the latest data from Stat Counter, nearly 21 percent of computers worldwide are still using Windows XP; but, in a few weeks the XP era will officially end – at least as far as Microsoft is concerned.
Last month the software giant reminded computer users that as of April 8, 2014 it will no longer provide security updates for Windows XP and Office 2003. Businesses will no longer be able to receive technical support from Microsoft, and this could leave many users open to possible cyber-attacks.
However, Microsoft didn’t exactly spring this on users and, for the past six years, had announced that that essential end of the line for Windows XP – which was released in 2001 – would be coming.
This past weekend The Washington Post reported that whilst this deadline is fast approaching, an estimated 10 percent of government computers will likely still be running the Windows XP operating system. This could include thousands of computers on classified military and diplomatic networks, US officials said.
The paper added that these networks typically have stronger defenses, but as these hold more sensitive data the stakes are high if a breach does occur. As a result, security researchers have warned that hackers could even be prepared for the “end of life” of Windows XP, and this includes the stockpiling of “vulnerabilities” within it.
“Once XP goes out of support and is no longer patched, you’ve just raised the vulnerability significantly on the whole Windows platform in your organization if you haven’t moved off XP,” Richard Spires, a former Department of Homeland Security chief information officer, who called the problem “urgent,” told the Washington Post.
Microsoft had reportedly been asked to extend the deadline for ending support for Windows XP, but the company declined. Instead it offered “custom support agreements,” which would entail a fee and according to some researchers fall short of the support currently provided by Microsoft.
Currently, when a vulnerability is found software makers provide security patches, but after April 8 Microsoft will simply stop offering such patches or upgrades. This has been met with sharp criticism by some government officials.
“For all the money we collectively give Microsoft, they were not too receptive to extending the deadline,” a senior State Department official, speaking on the condition of anonymity to be candid about relations with a major vendor, told the Washington Post. “There was some grumbling that they were not willing to extend.”
Microsoft has fired back that it had long made it clear that XP would be reaching its end of life, and that it has long supported the OS.
“Because we are tightly working with our customers, and because of the types of systems that have yet to make the move off XP, we do not feel there is a substantially greater risk for the federal government on April 9 than there is on April 7,” Mark Williams, Microsoft’s chief security officer for federal systems, said in an e-mail to the paper. “That being said, at the end of the day, it’s important to remember that the most safe system is a modern one.”
Microsoft has also made it clear that as of April 8, 2014 Windows XP and Office 2003 will continue to work.