Many companies caught in the lurch as Microsoft ends support for Windows XP 2
On July 13, Microsoft will officially retire Windows XP Service Pack 2 . Although it will continue to provide security updates for XP Service Pack 3, it will stop providing patches for the older SP2. Microsoft offers support for its products for five years and extended support for another five years. For XP SP2, that journey comes to an end on July 13. Windows XP 3 will be supported until April 2014.
Microsoft issues security updates and other core operating system patches every second Tuesday of the month, known as Patch Tuesday. Whereas most home users typically install these patches automatically, corporate users usually install service packs and security updates manually and only after extensive testing. For large corporate environments, operating system upgrades are often a very perilous and expensive exercise.
According to security risk and compliance management provider Qualys, 50 percent of the several hundred thousand PCs it monitors for its clients are still running Windows XP SP2. Most of these are probably user desktops, but some may also be applications and appliances that use Windows XP 2 as the base platform. Upgrading such systems may make them inoperable.
According to Sajed Naseem, principal at Washington DC based security firm, Secure Intervention,
” The longer these systems linger after the July 13 deadline, the more vulnerable they become. There will undoubtedly be many Windows XP 2 systems still out there and hackers know that. Only there will no longer be security patches coming from Microsoft as new holes are discovered and publicized.”
|
William J McBorrough is a Security Expert with many years of success Managing, Designing, and Implementing medium and large enterprise Physical and Information Technology Security Solutions. His experience spans the spectrum from small e-commerce start-ups to multi-campus state and federal agencies to global financial sector organizations. He is on the faculty of various universities including University of Maryland University College, EC-Council University, George Mason University and Northern Virginia Community College where he conducts research and teach graduate and undergraduate courses relating to cybersecurity, cybercrime, cyberterrorism, and information security and assurance. He holds a Bachelors of Science in Computing Engineering with a concentration in digital networks and a Masters of Science in Information Security and Assurance. He is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified in Risk Information System Control (CRISC), and Certified Ethical Hacker (CEH).He is well versed in personnel, systems and network security risk management. His core competencies include Developing cost effective solutions to enable mission assurance in the following areas: Enterprise Risk Management, IT Governance, Security Organization Development, Information Security and Assurance
|
Related posts:
- Aaaah The Infamous Blue Screen of Death
On Tuesday, Microsoft issued a patch, MS10-015, to fix a 17-year-old kernel bug in all 32-bit versions of Windows. Since then, Microsoft’s support forum has been flooded with complaints by... - Microsoft warns of new IE bug being exploited by hackers
Microsoft Corp. today warned of a critical vulnerability in Internet Explorer that is already being exploited by hackers; it was the company’s second such admission in the past two months.... - Microsoft resumes pushing Blue Screen Update
Microsoft has resumed pushing out the patch connected to the recent Windows blue screens. Microsoft concluded that the system crashes with due to a rootkit [named Alureon] infecting the users... - Microsoft offering choice of browser to users in Europe
Microsoft has been ordered to introduce the browser “ballot box” following a ruling by the European Commission that Microsoft’s practice of pre-installing Internet Explorer on every new computer was anti-competitive....