Software // Operating Systems
09:06 AM
DDoS Attacks & Their Threats to Your Business
May 10, 2016
Who better to brief you on the latest in DDoS attacks and prevention than the ones working on the ...Read More>>

Windows XP Won't Go Quietly

With Microsoft's end-of-life deadline for Windows XP just three months away, three out of four IT pros still must support the OS.

7 Mistakes Microsoft Made In 2013
7 Mistakes Microsoft Made In 2013
(click image for larger view and slideshow)

Step right up, place your bets. How many computers will still be running Windows XP come April 8?

That's the fast-approaching day that Microsoft will stop supporting XP, its most popular operating system ever until Windows 7 came along. And that means no more updates, no more bug fixes, and -- perhaps most important of all -- no more security patches.

The new year kicked off the final countdown, but not everyone is in a huge rush to leave the aged OS behind. XP usage dropped from roughly 39.5% of PCs at the start of 2013 to just under 29% at year's end, according to Net Applications data. That's a steady decline, but hardly spells the actual end of XP. Even a much faster rate of falloff -- say, three percentage points per month between now and April -- would mean roughly one in five PCs worldwide will still be running XP after Microsoft shuts off support.

These aren't just laggard consumer desktops collecting dust in living rooms and home offices, either. Some 76% of IT professionals reported in a recent survey they still support at least some XP machines in their corporate environments. And while plenty of them are scrambling to upgrade to Windows 7 or higher, 36% reported that they plan to leave at least some of their existing XP systems in place after the April support cutoff. The poll conducted by Spiceworks included 1,300 IT pros, most of them working in the US.

[If a key to success is learning from your mistakes, Microsoft should be well positioned for 2014. See Microsoft In 2013: 7 Lessons Learned.]

So, what gives? Moreover, what's in store for XP diehards come April 8?

"If businesses have not yet migrated [from] Windows XP, it is not because they do not want to but because they have many internal barriers," Techaisle CEO Anurag Agrawal said in an email interview. Agrawal's examples of those barriers echo many of the reasons some businesses are essentially ignoring Microsoft's support cutoff: budget, hardware, and application compatibility; strapped IT resources; user availability and training; and so on.

Most folks paying attention agree there are potential risks in running an unsupported OS: Security, compliance, performance, driver support, and others. Yet ask enough those folks -- IT pros, security experts, analysts, business owners, and so on -- what they think will happen to XP users after April 8 and you'll get responses ranging from "scorched earth" to "no big deal." Then again, no one really knows exactly how it will play out.

We're about to find out, though, because XP's not going to disappear in the next three months. Brian Burch, VP of global consumer and small business marketing at Symantec, noted that current XP usage "means many people have yet to transition" even with the end-of-support date so close at hand. Burch said consumers, in particular, should upgrade as soon as possible. But he added that such upgrades can be less straightforward for businesses.

"Occasionally, there are circumstances that make it very difficult to upgrade systems," Burch said in an email to InformationWeek. "For example, Windows XP is often used for industrial control systems that have long lifecycles and low downtime or critical applications that need redeveloping."

For organizations planning to keep XP in use post-April 8, Burch advised taking steps to minimize the downside. For instance: "If you have a system that can't be upgraded, look at lockdown technology to only allow the functions that are needed by the system and prevent others," Burch said. "This can protect the system and reduce the need for patching."

System is a good word choice. While OS usage stats like those above typically focus on PCs, XP in fact powers much more than desktops and laptops. Thousands of ATMs are powered by XP, for example -- as many as 75% of ATMs in the US alone, according to one industry estimate last July.

Indeed, XP is "a platform used in all manner of embedded devices," Chester Wisniewski, senior security advisor at Sophos, said in an email to InformationWeek. He expects the end of XP support to be just one milestone in a much larger security trend driven by the Internet of Things and other factors. "We are all putting in place far more technology to support every aspect of our everyday lives," Wisniewski said.

As a result, OS fragmentation, support cutoffs, and related issues aren't simply a matter of PCs or even mobile devices. If you think XP desktop users are behind the times, consider some less visible technologies. "It has been said that the embedded devices in the [power and utilities] industry are 15 years behind the mainstream desktop environment, but now many of these embedded devices with similar security challenges are making their way into every aspect of our personal and professional lives," Wisniewski said. In other words, XP's so-called "end of life" may be just a beginning.

"Many have talked about the Internet of Things but have yet to consider the huge variation in operating systems, platforms, and subsequent security issues," Wisniewski added. "We will see far more of this over the next couple of years."

So, what will happen to XP machines -- not to mention the corporate networks they connect to -- on April 8? Security apocalypse? Business as usual? Somewhere in between?

Step right up, place your bets.

Kevin Casey is a writer based in North Carolina who writes about technology for small and midsized businesses.

Too many companies treat digital and mobile strategies as pet projects. Here are four ideas to shake up your company. Also in the Digital Disruption issue of InformationWeek: Six enduring truths about selecting enterprise software. (Free registration required.)

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 3   >   >>
User Rank: Strategist
1/8/2014 | 1:48:49 AM
Re: One Windows Application
Robolinux neatly circumvents the whole issue of Windows insecurity. For those who need to remain with XP, for one reason or another, this is a cost-effective address.
User Rank: Ninja
1/8/2014 | 12:03:29 AM
Stock Up!
I hadn't thought about all the retail and banking systems that still run XP now, and certainly will still be running XP on April 8th. Unlike Y2K, it seems like a lot of people who should know better are completely ignoring this. I'm going to make sure I have a little extra cash on hand, and plenty of milk and eggs in the fridge when the fateful day arrives. Now, I'm glad my motherboard cracked late last year and my new machine sports Windows 7, not that it can do ANYTHING better that XP did.
User Rank: Apprentice
1/7/2014 | 8:34:58 PM
Re: windows xp
And how long will Microsoft allow us to access and download Windows Updates?

A specific senario would be a format and install of Windows without any updates applied.
User Rank: Apprentice
1/7/2014 | 5:27:07 PM
Re: Not broke then don't fix it
Are you forgetting that we have just come out of the worst recession since 1929? Many businesses have barely survived and do not have the resources to upgrade at this point. Even the best laid plans have gone asunder during these tryin times.
User Rank: Moderator
1/7/2014 | 3:50:01 PM
Re: windows xp
Very true. XP definitely still visible in consumer retail/hospitality contexts. Oleg Moskalensky, an IT pro I interviewed for a different XP story last summer, shared this photo (via Google+) soon after that piece ran:

User Rank: Apprentice
1/7/2014 | 3:24:06 PM
Re: XP Wont Die Easily
Microsoft has never said that XP is obsolete. MS ending support for it is simply a business decision that is no longer beneficial financially.

BTW, while you're busy trashing MS try to find another single edition of a consumer OS from Apple or Google that has been actively supported half as long as XP has by Microsoft.
User Rank: Strategist
1/7/2014 | 2:55:44 PM
Re: XP Wont Die Easily
XP will not be going anywhere soon. There is far too much banking, security, point of sale, ATM and custom, business specific software out there that has not been ported to Windows 7 or 8 for the countless reasons littering forums across the web. And Microsoft doesn't care. This EOL for XP is simply their embarrassing last ditch effort to force you to buy their next dysfunctional and woefully inadequate operating system. I believe these survey numbers are a bunch of crap as well, another attempt to influence upgrades through the illusion that others are already doing it. They are not. It would be interesting to hear from the Banking industry directly, what are your plans to "upgrade"? I still see A LOT of XP out there, and I don't see these business applications moving. Nor do I see Microsoft offering to help their customers move. All they offer is to charge you more money for more of their crapware. They sell a product, NOT solutions. Why consumers will give their hard earned money to a corporation that handles their customers this way is beyond me. I guess perhaps the same reason  that Americans refuse to get off their butts and vote, even thought their government is running wild and fleecing them through taxation and grossly violating their privacy and civil rights. Apparently, Americans like being slapped around and abused...  Anyway, if you need to continue running XP, there are several ways to sandbox the system via virtualization; run it as a VM on a secure platform, like Linux. Another good option is using products like DeepFreeze to protect the system "image" .  Taking systems that do not need internet acess off the network will greatly increase security. Installing hardware firewalls in front of those that need internet access and locking down any port not actually in use will help as well. Ultimately, you really need to look at another OS eventually, and Linux has some great candidates that are well supported, like Ubuntu or Mint, as well as well known distros like Redhat and Cent. Lots of altenatives out there... you do have a choice.
User Rank: Ninja
1/7/2014 | 2:49:58 PM
Re: Not broke then don't fix it

@gfouts15,  29% of the computers in the world still run Windows XP. This is close to 600 million machines. How could this still be?  XP is not obsolete just because Microsoft says it is. So you propose spending let's say $500 per machine for this hotel?  Remember now that Win7/8 machines do exactly the same thing that currently happily running XP machines do. What does the $500,000 get for the hotel's bottom line?  Hey, I agree with you but for those that count the pennies it's not so clear on the benefits.  They usually choose to replace/fix when broken.

User Rank: Strategist
1/7/2014 | 2:22:27 PM
Re: One Windows Application
I use Robolinux a very professional, user friendly OS, which provides a highly innovative one click XP virtual machine installer . The best part is since all the XP data resides inside the Robolinux partition, XP is 100 % immune to viruses and malware. This is an excellent solution for those who cannot afford to upgrade or cannot upgrade.
User Rank: Guru
1/7/2014 | 2:16:07 PM
Re: Not broke then don't fix it
So tell me, when someone installs all these Windows machines (or any other software for that matter), do you expect you will not have to switch them out at some point, maybe in 10 years?!  If you are stuck with limited budget, do the Executives understand this issue?  Did long term planning for this scenario ever take place?  It isn't a matter of having money as everyone complains about budgets.  The issue is planning for obsolesence which is a really big deal and apparently a pretty common oversight.
<<   <   Page 2 / 3   >   >>
Register for InformationWeek Newsletters
White Papers
Current Issue
2016 InformationWeek Elite 100
Our 28th annual ranking of the leading US users of business technology.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of April 24, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week!
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.