The sun's about to set on the familiar rolling green hills of the Windows XP desktop.
The sun's about to set on the familiar rolling green hills of the Windows XP desktop. (photo: Kevin Lee/Getty Images News/Getty Images)

After April 8, 2014, Microsoft will no longer support Windows XP. Period.

— Tim Rains, director, Microsoft Trustworthy Computing

Microsoft released Windows XP way back in October 2001. It was the first substantial upgrade to the Windows 95 family of operating systems, which included the so-so Windows 98 and the belly flop that was Windows ME.

XP's wasn't initially hailed as a stunning success -- that would come later, after a couple of service pack updates -- but it eventually found its way into virtually every home and business worldwide. Today, that ubiquity has introduced risks for people still clinging to the venerable operating system at the end of its supported lifecycle.

What's the Fuss?

Microsoft is ending support for Windows XP on April 8, 2014. After that date, the company will no longer support Windows XP. Period.

The most serious implication of the end of the extended-support phase is that users will no longer receive security patches. Microsoft's Tim Rains, director of Trustworthy Computing, noted that between July 2012 and July 2013, Windows XP was affected by security risks significant enough to warrant an official security bulletin -- 45 times.

So, the end of security patches for Windows XP means that you are at considerably greater risk from targeted attacks, because Microsoft's security updates for newer versions of Windows help the bad guys figure out the best ways to attack XP in ways that cannot be fixed.

The risk for un-patched users can't be overstated. When Microsoft releases security patches, it releases them for all versions of Windows simultaneously. Hackers get these patches and reverse-engineer them to see what parts of Windows were fixed. After April 2014, these patches will cover Windows Vista, Windows 7, and Windows 8, but not Windows XP. The bad guys can see the corrections and identify the problems the patches fix for everything except XP. The result? They can develop targeted attacks that focus specifically on uncorrectable problems in XP. They can even develop attacks with such sophistication that XP users may not even know they've been compromised.

It's like the police department publishing a monthly neighborhood map, identifying which houses have strong locks and which don't, and giving it out for free to everyone who's been convicted of breaking and entering. After April 2014, XP users will be permanently placed on the "weak locks" list.

XP at Home

Just because a home PC running Windows XP is chugging along nicely today doesn't mean it'll work well after security patches stop rolling in. The risks are real -- they're not just a scare tactic to sell new computers or unnecessary upgrades.

Windows XP is reliable and familiar. If you still use it at home, it's probably because you love its familiarity and don't feel a burning desire to shell out hard-earned cash to do what seems like a non-essential upgrade. You might even think that you're really not at risk because they run anti-virus software and don't visit unsafe websites. So why upgrade?

Think of the 2001-vintage Windows XP like a 2001 Ford Ranger. It's dependable. It may not have the sleekest lines on the expressway, but it'll get you from Point A to Point B safely and without incident.

When the extended-support period for Windows XP ends, it's like deciding to stop changing the oil on that Ranger. As the months and miles accumulate, however, you might see signs of trouble. But maybe you won't: Maybe all will be fine until you blow the motor. Same with XP -- for a while, the end of security patching might not make an obvious difference. Eventually, however, the sheer volume of malware -- and the lack of security patches to protect against it -- means your XP installation will be at a very real, and very substantial, risk of "blowing the motor."

What could happen? You could see viruses that Windows can't handle. You could be infected by spyware that steals your personal information. You could be roped into a botnet, so your computer gets used without your knowledge to attack other computers on the Internet. Worse yet, more and more software vendors will stop supporting XP, too.

Without routine security patches to protect you from targeted online attacks, your risk isn't a matter of "if." It's a question of "when."

XP in the Office

Microsoft estimates that slightly more than half of mid-sized companies know XP is sunsetting -- and that 70 percent don't know what the end-of-support cutover entails.

Microsoft's own documentation paints a stark picture for companies: Working in an unsupported and un-patched computing environment represents a genuine and well-established risk under generally accepted internal control policies. For most companies, choosing to run an unsupported computer system is a regulatory strike that eliminates good-faith safe harbors for data breaches or other IT-security problems.

In an August 2013 column, veteran Microsoft watcher Mary Jo Foley of ZDNet informally surveyed her readers about why they're still clinging to XP. Many cite customized, mission-critical apps built on the Internet Explorer 6 framework not supported by Windows 7 or Windows 8. Others -- especially government users -- point to a lack of funding for such a significant upgrade project.

More worrisome, though, are Microsoft's own estimates that 45 percent companies employing five to 250 employees don't even know that Windows XP is nearing the end of its supported lifecycle. And of those companies that do, a whopping 70 percent don't understand the implications.

Not only do always-on computers on medium-sized corporate networks present a security risk in themselves, but they also subject customer records, trade secrets and sensitive information to widespread theft, destruction or illicit modification.


Your best bet is to upgrade, but if you can't, a mix of careful online activity and even desktop virtualization can help. You could even try the Mac or Linux.

If you like Windows and have software you don't want to lose, your best option is to upgrade to Windows 7 or Windows 8. Remaining on Windows XP is a security risk, plain and simple. If your computer cannot support Windows 7 or Windows 8, consider buying a new machine. Hardware costs have declined, with low-end machines far more capable than your old XP box for a fraction of the price.

If upgrades just aren't in the mix, be sure to install modern anti-malware software and run scans frequently. After all, just because Microsoft no longer supports Windows XP, that doesn't mean you can't find third-party protection.

You should also be very careful to follow computer security best practices: Avoid sketchy websites and err on the side of caution with unusual emails. In an unpatched environment, one security lapse could be all it takes to trash your installation of Windows XP and require a complete reinstall to resolve.

Another option: Your Windows XP computer can also run the free Linux operating system. Linux requires fewer system resources than Windows, supports a large base of free programs and doesn't cost a dime. Although there's a learning curve associated with Linux, for users accustomed to XP, Linux may be easier to grasp than the new Windows 8 interface. Check out Ubuntu Linux or Linux Mint for versions that are easy for new users to learn.

And if you don't like Linux or the new Windows 8 operating system, there's always the Mac. The downside of switching to Apple, though, is the same as installing Linux: You'll have to learn a new OS and get all new software.

Tips & Warnings

  • The minimum hardware requirements for a Windows XP Home Edition computer are a 233 MHz processor, 64 MB of memory, 1.5 GB of available disk space and a monitor capable of 800-by-600 display resolution. Windows 8 requires a 1 GHz processor, 1 GB of memory (2 GB for 64-bit computers), 16 GB of disk space (20 GB for 64-bit machines) and a graphics card capable of supporting Microsoft's DirectX 9 standard. Worried about whether your XP machine can support Windows 8? Computers capable of supporting the minimum hardware requirements for Windows 8 were considered high-end machines when XP was in its infancy. The first 1 GHz processors hit the mainstream consumer market in 2000, with Intel's Pentium III chips, and by 2006 most chips ran at 1.6 GHz or higher. High-end consumer machines with 1 GB of RAM filtered into the market by 2003. Odds are good that even older machines can handle Windows 8, but you can check for yourself. Check your computer's specs by clicking "Start" then "Run." Type "msinfo32.exe" in the box. The System Information app will display your machine's hardware capabilities. If you meet Microsoft's minimum standards for Windows 8, you can upgrade your hardware without difficulty. As a general rule, computers manufactured in 2007 or later will probably be OK with Windows 8. To be extra sure, go to Microsoft's "Buy Windows 8" page to run the Windows Upgrade Assistant. The program will scan your computer and inform you of hardware or software problems related to a Windows 8 upgrade. Software can be a stickier wicket. Although Windows 8 is backward compatible with Windows XP, some apps were written for Windows XP and Internet Explorer 6 that may not function as expected with a more modern operating environment. Check with the software vendor to assess a particular program's upgradeability.

  • Photo Credit Kevin Lee/Getty Images News/Getty Images
Promoted By Zergnet



Read Next:

Related Searches

Check It Out

Geek Vs Geek: Robot battles, hoverboard drag race, and more

Is DIY in your DNA? Become part of our maker community.
Submit Your Work!