Last time we checked, nearly 30 percent of Windows users were still running XP. This was despite the dire warnings from Microsoft that security updates would stop, leaving the affected computers vulnerable to attack by malware developers.
Now that the time has come, some are suggesting that hoards of malware will descend on your computer, seeking to take advantage of your unprotected machine, turning your computer into a zombie, or worse, stealing your data, your identity and financial information.
That’s the warning. Now let’s look at what will actually happen.
First, assuming your computer has had every update Microsoft has provided, you have at least a little while in which your freshly patched XP machine will be able to hold out against the forces of evil. But as time goes on, the threat of a security breach on your machine will grow and eventually the built-in protection could yield to malware attacks. Or, at least, that’s the official word.
But if you’re a sensible user, you’ve got antivirus or anti-malware software running on your machine that will continue to be updated and which will guard you against most of the malware out there. But you’ll be missing one layer of protection at the operating system level.
So while you’re protected, you’re more vulnerable than you would have been otherwise. New Windows XP vulnerabilities are sure to appear. And the vendors selling your protection software may not keep it going forever.
Exactly how you respond to this higher level of risk depends in large part on what you’re doing with that XP computer of yours. A great deal also depends on why the XP machine hasn’t already been upgraded.
For many of you, the real reason you’re still on XP is because you’re a bank, and the maker of your ATM sold it with XP on it and hasn’t provided an update. If that’s the case, the good news is that Microsoft will continue to support security updates as long as you enter into a service agreement. But the cost of that service agreement isn’t going to be cheap, so it’s likely a good idea to start leaning on Diebold or NCR or whoever makes your ATM for an update.
There’s also a good likelihood that you’re in the health care field and your medical equipment is operated by an XP machine. Depending on the details of how your equipment works, XP may not be a factor as long as the device isn’t connected to the outside world.
Windows XP Support Expiration Doesn’t Mean It’s Time to Panic
Even though your medical equipment may be on an internal network, as long as it’s kept away from the Internet, you may be reasonably safe. Just be careful of strangers wielding USB memory sticks.
On the other hand, perhaps you’re in an organization that hasn’t upgraded because they’re too cheap to spend the money. Here, your recourse is to show your bosses on paper that upgrading to Windows 7 or Windows 8.1 is less expensive than ignoring the problem.
The best example of how much a major security breach can cost was provided by Target last year. In addition to finding out that fixing its security problems will cost hundreds of millions of dollars, the company also lost a significant portion of its value and a lot of its customer base. Maybe you can use that lesson to pry some upgrade money out of the chief financial officer.
Then there are those companies that use a critical application that was written for XP and for which there are no updates. Depending on the way the application was delivered, you may be paying a maintenance fee every month. If so, now is the time to explain that maintenance needs to include a move to a new environment. If that doesn’t work, take a shot at running the software using Windows 7, with the Windows XP emulation turned on. If that works, you’re home free.
On the other hand, you may be running a custom application that was written for XP, and for which there is no maintenance plan. Here you can at least check to see if it will run under Windows 7 or 8.1. If it looks as if it will, and you can thoroughly test it, then again you may luck out.
If it doesn’t, then try to run the computer without attaching it to the Internet. If that won’t work you will have to start preparing for a replacement. Even with some late-day workarounds, you’re going to have to move away from XP at some point.
For everyone else, it’s time to realize that a migration is inevitable. Most computer makers have migration automation software as does Microsoft. It doesn’t make it as easy as it would have years ago, but a migration is possible. Just plan on devoting one person per machine per day, less for an automated migration, and do it. Or decide the time has come to refresh your Windows computers. It’ll cost you less in the long run.