A Year From Now Support for Windows XP Ends - Now What ?

• http://blogs.windows.com/windows/b/...now-support-for-windows-xp-ends-now-what.aspx

• http://arstechnica.com/information-...6-office-2003-enter-their-final-support-year/

• http://www.zdnet.com/microsoft-dang...arrots-to-get-smbs-off-windows-xp-7000013685/

 

major headaches for large companies.

what do you do if you are a CEO?
do you go with Win 7 or Win 8?
and do you consider other alternatives such as Linux?

apparently it can takes a couple of years for a big company to migrate to a new OS.

 

I know of three medium sized corporations that have had several meetings over the past 2 years with their IT staff and hired consultants regarding this issue. They have decided for security and cost, to run legacy apps that rely on XP to remain on existing XP desktops that have no internet connection. All 3 have an intranet setup and running. These are apps that can not be ported to W7, W8 or Linux. In one company, the employees overwhelmingly sided with the corporation. In the other two, the employees voted for W7 over Linux and it was a thumbs down on W8 (primarily because these apps are desktop based and require a KB).

Interestingly, the employees had no objection to apps that could be ported, going to Linux, as they believed they would see the apps as they see them today and the OS was not something they had to learn. All three IT depts have Linux experience so no steep learning curve there either. The corporations are not going to invest any money rewriting legacy apps for W7 and all 3 have determined that the existing desktops and PCs would have to be replaced to run W8.

For large corporations, I have no idea what they have in mind, but I would think their IT departments have had a plan for sometime now. Costs for both hardware and software need to be determined and on a large scale they may not be too interested in pouring capital into legacy XP apps either. I'm sure Fortune 500 magazine will have some articles on this subject when Blue (W8.1) is officially announced. This will give the corporations the information they require to factor in OS subscription costs as well.

 

The cited articles deal mostly with businesses and corporations.

It's been demonstrated that they certainly have more to consider than just having an up to date patched Operating System, a sensational example being "Aurora:"

Google Aurora hackers AT LARGE, launch 0-day bazookas
http://www.theregister.co.uk/2012/09/10/elderwood_cyberespionage/

Without robust security measures in place, having a supported operating system is no guarantee of freedom from attack/intrusion.


----
rich

 

True, but what matters isn't 100% security but significantly decreased risks.

When using latest Windows, a random user is under significantly decreased risks of an attack/intrusion.

 

True, but for businesses, this shouldn't suffice.

My comment about security measures isn't limited to products. For example,

• Why should workstations on the network have Administrative Privileges?
  
  
• Why shouldn't the IT department insure that secure passwords are in place?
  
  
• Why should workstations on the network be able to run executable files from USB?

Part of the success of the conficker worm was due to weak or non-existent security policies in these areas:

An Analysis of Conficker's Logic and Rendezvous Points
http://mtc.sri.com/Conficker/

My discussions with several System Administrators in past years suggest to me that weak security measures -- policies and procedures-- are the biggest threat to organizations.

Agreed, that an updated OS is necessary in businesses -- especially since many of the exploits attack network configurations -- but my sense is that this is just a starting point.

Unfortunately, statements such as this from the Microsoft blog cited can give a false sense of security:

Had this statement included yours about "significantly decreased risks," it would be more palatable!

Regards,

----
rich

 

Thanks for pointing out the other thread, since I cited the MS article subject, we have a duplication of posts - in a way.

 

When support ends further updates will not be there.

But old updates will be available through windows updates or they too will not be available?

 

Updates will no longer be available. But all you need to care about is that Windows runs - and it will run long after Microsoft has discontinued supporting it.

Unless you absolutely MUST have the latest and greatest, there is no reason to give up something that still works and if you still run an older computer all it might run is Windows XP. So who cares if Redmond decides you should move on? You STILL have a choice.

 

No misinformation please. The old updates will be available through Windows Update / Microsoft Update as usual.

 

Excellent points. I'm working on a Bachelor's in MIS, and was thinking of focusing on information security. It interests me the most, and God knows businesses need help securing their information systems.