The countdown to XP Armageddon is now eight days away and if you’ve sat there twiddling your thumbs, thinking there would be an extension or that your Windows XP systems work great, then you’re about to be very sorry.  On August 25, 2001 Windows XP was released, here we are nearly thirteen years later, your systems have been patched over like an old bicycle tube and there’s more patch than operating system.  Beyond any shadow of a doubt this was a tremendous operating system with much deserved success. News flash – if it isn’t obvious to you yet, if you still have Windows XP systems running around and aren’t making the move off of this, that’s a problem.  It’s a massive security problem to the enterprise and a massive security problem to the individual there is no way around it.  If you have heard otherwise and believe such advice, or believe this is some kind of upgrade marketing ploy, well then you may as well stop reading this article now.

.

.

.

Still with me?

Good.  Windows XP is over a decade old.  That’s more than a lifetime for an operating system, it’s just about two lifetimes on the low end, in fact.  In the past year, stark warnings have emerged industry-wide (and not just from Microsoft) about zero-day vulnerabilities that can never be fixed once they get out there.  According to various private sources, there is a rising buzz within information security circles that says hackers have been reserving their vulnerabilities for this very day, meaning there will be no way for them to be stopped from exploiting millions upon millions of computers.

You may as well get used to bugs

Even if that was somehow not true, consider that exploits still to come may inadvertently come from Microsoft itself.  You see, when a new Windows 7 or Windows 8 patch is released, it addresses a vulnerability.  That patch changes the code and behavior of the system, a value that can be analyzed and reverse-engineered.  What can result here are brand new, previously undisclosed vulnerabilities that are well and patched in current operating systems, and because of a similar and common base of code, will be effective against still-running Windows XP systems – and the trail unfortunately comes from sound security practices from Microsoft.  But you have been warned.

If you haven’t updated your operating systems or your enterprise is several patch levels behind, you had better start moving fast.  I beat this drum a month ago and a year back. Applications tied to IE7?  Support for that is gone.  How about applications tied to XP’s Outlook email – also gone.  Close to 30 percent of the US systems out there by many independent estimates are Windows XP systems.

BOO!

Actual image of Windows XP dated: 4/09/14

Any suggestions that you can creep by with Windows XP until the systems just get replaced by attrition are flat out wrong, and it indicates ignorance of common security standards, of sensible patch management strategies practiced industry-wide and in fact a lack of any real enterprise experience.  Believe that horror stories are coming, and soon it will be all too real.  Then this concept that this is somehow a marketing FUD (Fear, Uncertainty, Doubt) ploy will quickly dissipate.  This is coming and quite simply it cannot be hung on Microsoft’s neck.  You cannot simultaneously criticize Microsoft’s security one day and tell the world that it’s OK to run your XP systems till they die on their own.  You must get moving.

Now, maybe you’re just an individual, not a business, or maybe it’s a small shop.  If you like getting p0wned, then rail away.  If you have a hobby system at home and you don’t want to upgrade, fine, you’re on your own.  If you rip some CD’s once in a while on some throwaway system and it never connects the internet, then also fine.  If you never plan to upgrade any element of an application or hardware on your system, go for it – stick with XP.  Hopefully people consider these to be non-acceptable.

Support isnt’ just a phone call to Redmond

Now a smaller business shop may rarely call support, but patching is actually a part of that support of the operating system.  Application compatibility, drivers and more are a part of the XP ecosystem that stems from support.  If you think you can go on without any of that, then best of luck.

Thankfully, it seems most organizations get it.  Things happen, companies move slow, budget and personnel issues have some impact, applications they use may not have made the jump long ago.  They may have been caught flat-footed here, but they get it and we have correspondingly received many pitches on XP migration, best practices and strategies to bridge this technology over.  We’ll try to get through most of those, the thing to know is this – there is help out there, there are technical advancements that can help you out of this (cloud-based VDI is a favorite of mine) and there are others in the same situation.

The risks are huge – security, identity, malware, ransomware, botnets and the list grows and grows.  If you’re not sure if you’re running XP, Microsoft has set up a funny little website called AMIRUNNINGXP.COM

Whew! That was close.

Also this one XP note just flew into my inbox, guess what day is coming up?  Tax day. (Yay America).  Opportunity, meet motive.  Identity, meet your Eastern European owners.  More on that next.

It’s XP Armaggedon time here on SiliconANGLE and we’re tuned to the wire for disaster stories, success stories and any funny Windows XP jokes so please send those to me.  johnc@siliconangle.com

photo credits: Vermin Inc & Mike_tn & x-ray delta one & Jason A. Samfield via photopin cc