I’ve been sounding the warning about the coming demise of Windows XP for the last three years, and this is the last warning before it actually happens. In 2011 I wrote about why XP should die. In August of last year I reminded people that the apocalypse was approaching. On April 8 of 2014 support for Windows XP, and all Microsoft technologies running on Windows XP, comes to an end. Is this really an apocalyptic event? Perhaps so, at least for many people.
Keep in mind that there are several reasons why a PC might continue to run Windows XP past the April 8 deadline, and they include both high risk and low risk scenarios. Having a home PC that is connected to the Internet and is used for reading mail, surfing the web, playing downloaded games, and/or exchanging other kinds of files is part of the perfect storm that is coming if it still runs Windows XP. On the other hand, a Windows XP (likely embedded) system that is not connected to the Internet and never has external media (CDs, USB memory, etc.) connected to it is minimally vulnerable and we probably shouldn’t panic over it. I emphasize “never” above because the greatest piece of malware of recent years is Stuxnet, and it didn’t get on to Iranian centrifuges via the Internet. Viruses can still spread the old-fashioned way, through any kind of media that touches multiple machines.
So I’m going to continue to urge that Windows XP systems be upgraded, or more likely replaced, ASAP. Preferably before April 8. But in future blog entries I’ll also opine on how to keep your Windows XP systems moderately protected after that date. I’ve seen others write on that topic, but I think they fail to recognize (or at least point out) the pitfalls of their suggestions. I’ll try to do a reality check as I make mine.
One of the big problems with securing a Windows XP system against the apocalypse is that many such systems are tied to Windows XP in some difficult to change way. For example, a common suggestion is to switch from Internet Explorer 8, which will no longer be patched, to Google Chrome, which will be supported on XP for an additional year. But many corporate apps were written specifically to IE8 and won’t work with Chrome. Or it might be Windows XP is running on an embedded system and you can’t install Chrome even if you want to. You need the vendor to do it and they have not rewritten that app to work cross-browser. And they want you to buy a new system instead, or perhaps they have gone out of business entirely. So you are stuck with Windows XP and stuck without the ability to implement most suggestions for making it more secure.
That’s the kind of thing I hope to dig into in blog posts over the next couple of months.
I once again urge you to migrate off Windows XP in the next two months if at all possible. But if not, I will give you my take on ways to survive for a while in world in which your system is the prey of choice.