07:58 PM

Microsoft Ends Support For Windows XP SP2

Almost half of all PCs still run the operating system, which could leave organizations exposed to new malware, with no way of patching the vulnerabilities.

Microsoft will end support for both its Windows 2000 and Windows XP Service Pack 2 (SP2) operating systems this Patch Tuesday.

Unfortunately, the security implications could be a rude awakening for many organizations, because 45% of all PCs still run Windows XP SP2, and 77% of organizations run it on at least 10% of their PCs. Those findings come from a study released last month by Softchoice, of about 280,000 PCs running in 117 private and public sector organizations in the United States and Canada.

"We were surprised by the number of people who have not yet deployed Service Pack 3," said Dean Williams, services development manager for Softchoice, in a statement. "If organizations aren't already on top of this, they should be moving quickly to update their systems." The upgrade is free, but Williams notes that it can take a significant amount of time to test and apply it.

Still, there's little reason to wait. "While there were some documented issues when Service Pack 3 first launched, this was much more of an incremental upgrade compared to the major overhaul represented by Service Pack 2," he said. "Many users rightfully delayed their SP2 deployments but at this point there really isn't a compelling reason to delay the move to SP3."

Microsoft said it will support Windows XP SP3 at least through April 2014.

Continuing to use Windows XP2 could also leave organizations contending with ever greater amounts of malware aimed at exploiting vulnerabilities that can't be patched, or for underlying components which simply don't get patched.

That's because, from an information security standpoint, the problem isn't just that security updates for Windows XP SP2 will cease. "Your installations for Internet Explorer, Windows Media Player, Outlook Express and other Windows XP SP2 components also won't receive security patches if you're running that version of the operating system," said Graham Cluley, a senior technology consultant at Sophos, on his blog.

The result is a potential PC management headache, with IT managers having to monitor their "sunset" -- in developer parlance -- Windows XP SP2 clients for signs that they'd been hacked or exploited, while also ensuring that they continued to patch the underlying components, to triage PCs as best they could.

Comment  | 
Print  | 
More Insights
InformationWeek Elite 100
InformationWeek Elite 100
Our data shows these innovators using digital technology in two key areas: providing better products and cutting costs. Almost half of them expect to introduce a new IT-led product this year, and 46% are using technology to make business processes more efficient.
Register for InformationWeek Newsletters
White Papers
Current Issue
How to Knock Down Barriers to Effective Risk Management
Risk management today is a hodgepodge of systems, siloed approaches, and poor data collection practices. That isn't how it should be.
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.