Google+ Your perilous future on Windows XP By Larry Seltzer for Zero Day ~ High Tech House Calls
Expert Computer Consulting for Homes and Small Businesses

Let there be hope...

Life has changed there is no doubt and we wanted to reach out to see how you are doing.

As we go through this interesting time, we are trying to look at this as an opportunity to focus on our family and on friends like you. Let us use this extra time to catch up and talk more. Let us cook food that is not fast, but interesting and satisfying. Let us learn to enjoy a time to try new things. Let us find ways to enjoy time at home!

Computer Security

If my client base is any experience, anyone can be a victim of a Ransomware, Malware or Virus attack.

What can you do about it?

I conduct audits of your entire computer infrastructure and apply best practice solutions to plug the security holes on your computers, Smartphones and networks.

Now offering consultations to give you the best protection possible:


404.229.0839
carlthorne@hthcatlanta.com

Jack of All Trades, Master of Many

Jack of All Trades, and Master of Many

We provide technical support for:


Homes and small businesses

Windows and the Mac OS platform

iPhones and Android Smartphones

Wireless and wired networks

New device setup

Old device upgrade or repair

One-on-one training

Remote assistance


How To Stop Malware

Thursday, August 22, 2013

Your perilous future on Windows XP By Larry Seltzer for Zero Day

Summary: You've been getting warned for ages about the impending end of support for XP. Things are even worse than you've heard (especially if you run Internet Explorer). Expect a flood of new vulnerabilities and no help for them.

An older relative (a really frugal but sharp guy in his 80's) once bemoaned to me about the scam in the computer industry pushing people to upgrade all the time. "Why" (I'm paraphrasing here) "should I upgrade a computer which does what I want it to do?"
We're coming up on one really good answer to his question. As Mary Jo Foley reported the other day, Microsoft is stepping up their warning campaign about users still running Windows XP, which will reach end of life on Patch Tuesday, April 8, 2014.

Microsoft warns Windows XP users risk 'zero day forever'

Security is the reason my relative doesn't appreciate for why running old software is often an inherently bad idea. Security technology in Windows XP was never really that great, even if it got a lot better with SP2, but the product was a runaway smash hit to such an extent that we may never be rid of it. Next April will be 12 years since Windows XP was made generally available; this is an astonishingly long time to keep supporting a software product. Nobody else keeps support life spans like Microsoft; with Windows XP they actually extended the normal 10 year life by 2 years, a move I consider a grave error. In fact, they should seriously think about cutting the 10 year standard down.

Partly as a result of their policies and partly because of people like my relative, Windows XP is still a massive presence in the market, and it's a massive target of attack. So are later versions of Windows, but those versions are far better able to defend themselves against attack. See the stats in this blog entry by Microsoft's Tim Rains which explains just how much more vulnerable to breach XP is than Vista, Windows 7 and especially Windows 8. Imagine how vulnerable it will be when you can't even get patches for critical vulnerabilities anymore. Only a fool would rely on it.

One point Rains didn't make that I think is worth emphasizing: If you're using Internet Explorer on it, and I bet many XP users are, you are stuck with a version that will soon be 3 generations old and without critical updates anymore. Don't keep using XP but, if you do, use Chrome or Firefox. (This reminds me of the old line "Don't stick your hand in the garbage disposal but, if you do, use your left hand.")

Windows XP: The end is near
Some other points: If you're on XP and you care about updates you're probably using Windows Update, and therefore automatically running the Malicious Software Removal Tool every month. Not any more after April 2014.

And it's not exactly a wave yet, but more and more software is not supporting XP, or at least not well. You can make a good case that this is irrelevant, since the users sticking with XP are likely sticking with the software they already have, but it's another thing to consider.

One thing you don't have to worry about is antivirus support. I asked Kaspersky about their plans for XP. Elliot Zatsky, Senior Director of Consumer Partner Services at Kaspersky Lab said that about 20% of their user base is still on Windows XP (!). It's slowly trending down and they expect, as a result of the end of XP support and the release of Windows 8.1, their XP decline will "increase slightly and continue on this steady downward trend for a few years." Zatsky says the company plans to include support for Windows XP in their 2015 product line and, therefore, for at least 2 more years.
I also asked whether the inevitable increase in unpatched vulnerabilities on systems makes it harder for antivirus to do its job. Obviously this increases the chance that a system will be infected in some way, but Zatsky says that their multiple layers of protection should catch any malware in real time even if it is trying to exploit a vulnerability.

I think they may be a bit optimistic with that last point. Things will certainly get worse for Windows XP. Once there are no more patches, demand for vulnerabilities may increase considerably. It wouldn't surprise me if some are being stockpiled for next year; it's a risk since someone else may discover it, but if you release an exploit for which there will be no patch, users will be helpless.
You out there, the one running XP! That's you I'm talking about when I say "helpless." When the new models show up for the holidays it's time to go computer shopping.