April 8 is the day when Microsoft will halt support for its aging operating system, Windows XP. This means that the tech giant will stop providing security updates and support for the OS — which debuted in 2001 — leaving computers vulnerable to zero-day attacks. This news comes alongside a recent push for adoption of Windows 8, the newest in Microsoft’s line, which allows users to take advantage of computer hardware and software in ways that XP cannot.
Gearing Up for the Change
Adrian Covert at CNN discusses the details of what will happen on April 8 and what Microsoft expects users to do about it. First, it is important to note that computers running XP will not cease to function this spring, but they will certainly be in greater danger for certain types of attacks. Covert sums up the overall situation in a single paragraph:
“After April 8, Windows XP computers will be more susceptible to malware and viruses beginning, since Microsoft will no longer address major holes in the software,” he says. “Although antivirus software will continue to fend off some malicious attacks, Microsoft’s security updates provide an essential line of defense.”
Computers will be more susceptible because of dangers like zero-day attacks, which include different forms of malware that compromise computers by exploiting software vulnerabilities that developers did not previously know about.
Often, when developers realize that a zero-day exploit exists, they patch the software. Essentially, a patch will plug a hole that hackers could have used to access a user’s computer. Patches regularly show up during Patch Tuesday, for instance — the second Tuesday of each month, when Microsoft releases patches for various parts of its supported operating systems.
In April, XP will no longer be part of that patch release cycle. So, any zero-day exploits that hackers currently know about will be useful in their development of new viruses, trojans, worms, and other forms of malware. And these new malware products will have an unobstructed path into XP without any fear of developers bolstering the system’s defenses.
What to do? What to do?
Microsoft announced on January 15 that the company will continue to provide antimalware signatures for XP users through July 14, 2015. Specifically, these updates apply to the System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection, Windows Intune, and Microsoft Security Essentials software packages.
Microsoft admits, though, that users will still be vulnerable, despite continuing to have the ability to properly detect viruses:
“Our research shows that the effectiveness of antimalware solutions on out-of-support operating systems is limited. Running a well-protected solution starts with using modern software and hardware designed to help protect against today’s threat landscape.”
Even if that statement is true and modern systems do provide the best protection from threats, the fact remains that many older computers are not capable of running Windows 8. Such models may not have the necessary hardware to use the modern OS, forcing people to purchase new systems with more powerful components.
Users are stuck with two basic options: either they can purchase new systems that are capable of running — and likely will come with — Windows 8, or they can weather the storm and continue to download antimalware signatures as their primary, official protection.
Neither option may look appealing for anyone wedded to his or her current workstation, but the situation remains. Users have two months to upgrade, or they risk facing a technologically uncertain future.
Image courtesy of Wikimedia Commons