The clock is ticking for Windows XP and its users. Microsoft announced it will discontinue security updates for the 12-year-old operating system on April 8, 2014, and security experts are urging users to abandon the outdated system before the deadline.
For China, where more than half the computers are still running Windows XP, the end of security updates to XP is a network administrator’s worst nightmare.
Tim Rains, director of Microsoft Trustworthy Computing, explained the threat in a post on Microsoft Security Blog.
The basic problem is that as new vulnerabilities are found, computers running Windows XP will not be patched. The systems will be left open and vulnerable.
In cybersecurity, the most feared vulnerability is called a “zero day.” It refers to attacks that users cannot defend against. Rains said that after the deadline, “Windows XP will essentially have a ‘zero day’ vulnerability forever.”
The problem will likely be more prevalent for large corporations, which typically have more computers running dated software—due to the time and cost of updating hundreds or thousands of computers.
Information technology research company Gartner estimated in a press release that for a company with 10,000 computers it would cost between $1,274 and $2,069 to upgrade each computer—when time, labor, and corporate networks are considered.
For corporate networks, the threats are also more pronounced. Software architect and Microsoft Most Valued Professional Troy Hunt wrote in a blog post warning that large corporations in particular “face enormous risks by running an unsupported [operating system],” since they often have a large number of interconnected computers all behind the same firewall.
“One little zero day that Microsoft no longer patches and, well, use your imagination,” Hunt wrote.
Once hackers have breached a computer, or an entire network, they can steal personal information from individuals or intellectual property from the company. They can also monitor networks and activity, and undermine a business from the inside.
China is the last stronghold for Windows XP.
In August 2011, Windows XP was the most widely used operating system in the world, on close to 42 percent of computers, according to Web analytics company StatCounter. Yet, in September 2011, it was surpassed as the most popular operating system by Windows 7.
Global use of Windows XP is currently at around 20 percent. In the United States, only around 12 percent of computers are still running Windows XP.
Yet, in China it remains the most popular operating system in the country, with more than 54 percent of its computers still running it—and the rate of users switching to other operating systems has been extremely slow.
After the security updates end, each time a new security patch is announced, the information can harm users of outdated systems rather than help them.
“When Microsoft releases a security update, security researchers and criminals will oftentimes reverse engineer the security update in short order,” Rains wrote on the Microsoft Security Blog.
“Once they identify this vulnerability, they attempt to develop code that will allow them to exploit it on systems that do not have the security update installed on them,” he wrote.