Thursday, February 6, 2014

Windows XP Prone To Zero Day Attacks

Microsoft is fervently urging its Windows XP users to migrate to a newer OS, as it plans to end support for the decade old OS in the month of April. This move means that Microsoft will no longer be releasing any security patches or updates for its XP customers, leaving them vulnerable to zero day attacks. The lack of security updates gives hackers a golden opportunity to take advantage of helpless Windows XP users.

In an official blog post Microsoft stated, "But after April 8, 2014, organizations that continue to run Windows XP won’t have this advantage over attackers any longer. The very first month that Microsoft releases security updates for supported versions of Windows, attackers will reverse engineer those updates, find the vulnerabilities and test Windows XP to see if it shares those vulnerabilities. If it does, attackers will attempt to develop exploit code that can take advantage of those vulnerabilities on Windows XP. Since a security update will never become available for Windows XP to address these vulnerabilities, Windows XP will essentially have a 'zero day' vulnerability forever."

Most hackers are smart enough to reverse engineer past security updates, to look for a point of vulnerability in the updates. Once these are found, hackers can exploit operating systems that do not have the security update, making Windows XP vulnerable forever. End of support also means that Microsoft will no longer be liable to any issue faced by Windows XP users. Microsoft outlines that one of their biggest concerns is that, "One risk is that attackers will have the advantage over defenders who choose to run Windows XP because attackers will likely have more information about vulnerabilities in Windows XP than defenders."

This is very bad news for over millions of Windows XP users, who still rely on the decade old OS for most of their computing needs. Organizations face the biggest peril as the lack of Windows support will make almost all their information susceptible to attack, and private, sensitive information could become public news. Even worse is the fact that industry deployments typically take more than 4 months, which is way past the deadline date fixed by Microsoft. Organizations only have three options left: migrating to Vista, Windows 7 or Windows 8. Windows 8 might not be on the top of the list, even though it performs better than Windows Vista and Windows 7. This due to fact that Windows 8 requires many hardware upgrades. Either way, once Windows support for XP crosses the deadline, millions of systems around the world face peril.

No comments:

Post a Comment