Google Plus Facebook LinkedIn Twitter Vimeo RSS

Discontinued support leaves computers running Windows XP open to security breaches

By

When Microsoft discontinues its support of longtime operating system Windows XP on April 8, the world won't end. Even Windows XP won't end.

What does end is the computer giant's support — including system and security updates — for the program, meaning any computer running on XP will leave itself open to a host of security breaches and will see processing speed gradually slow, local information technology professionals said.

Microsoft, which launched XP in 2001, stopped selling it in mid-2008.

Tom Murphy, director of communications for Microsoft Windows, declined to comment on how many users there are.

"(Windows XP) was not designed to meet the demands we have of technology today from trends like mobility and touch, to support for new hardware and software," Murphy said. "In addition, Windows XP was not designed to protect users from the security threats we see today — because those threats did not exist when Windows XP was launched."

As of February, according to NetMarketShare.com, which tracks market share statistics for Internet technologies, Windows XP still accounted for almost 30 percent of all operating systems used in the world.

That makes it the second-most-popular operating system, behind only 2009's Windows 7 at 47.3 percent. Windows 8, which went on the market in 2012, is third at a distant 6.4 percent, according to the site.

"Bottom line is, if you're using XP, you're using a computer that, at best, is more than 5 years old," said Mike Sutton the owner of Mobilitechs, an IT support company based in Berks County that has clients in Lancaster County. "It's probably time for you to upgrade anyway."

There are financial concerns in upgrading, especially for businesses. Sutton said he charges between $850 per computer workstation for a basic upgrade from Windows XP to a new computer and new operating system, or as much as $1,250 for a more advanced upgrade that includes the new computer, licensing and installation.

Wayne Lapp, general manager at Earl R. Martin Inc., a transportation company in East Earl Township, said the company held out on replacing its eight remaining computers still using XP.

But when company officials did the research and listened to its IT provider, EZ Solution in Manheim Township, they decided to make the upgrade of new computers and a new operating system for a little more than $8,000. The replacements were scheduled to happen this week.

"We were preparing for it and knew it was coming," he said about the expense for the company with 50 full-time employees and 15 subcontractors. "The problems have been minimal (with the replacement process)."

Tom Malesic, owner of EZ Solution, said his company has about 100 clients, and only about 10 of them are hanging on to XP.

However, he said he expects all of those clients to make the upgrade sometime in April.

The real danger of not upgrading, Malesic said, is that hackers now know XP operating systems will be extremely vulnerable.

Sutton believes hacker attacks on XP-run systems will increase in the next few weeks and months.

While cost is one reason companies might not have upgraded, Malesic said there is also the fear of change, especially for employees who might not be particularly tech-savvy.

"We've really been trying to lay it out for our clients," Malesic said. "I have been telling them, 'You can pay me now to do the upgrade, or you can pay me later to remove the viruses — if I can. Either way, you're going to be paying. Let's not be in crisis mode.'"

Will bank ATMs be vulnerable without Windows XP upgrade?

The banking industry in particular is under the microscope over the loss of support for Microsoft Windows XP.

More than 95 percent of ATMs around the world at one point used XP, though that number has gone down with recent upgrades, according to Nick Johnson, vice president of risk management policy at the American Bankers Association.

He said there isn't a way to know yet how many banks have upgraded their ATM software, and banking officials said there are a couple of popular plans of action banks have adopted in regards to the end of XP support.

The first is akin to what Pittsburgh-based PNC Bank is doing — not upgrading the system but making an agreement with Microsoft to continue support for Windows XP in the bank's 7,400 ATMs.

Marcey Zwiebel, spokeswoman for PNC Financial Services Group Inc., parent company of PNC Bank, would not reveal the terms of the agreement but said there are no concerns about delaying an upgrade.

"We do not expect this to be an issue for PNC," she said in an email.

The Pennsylvania State Employees Credit Union of Susquehanna Township took the opposite approach and decided to not just update the operating system at its 143 ATMs but also to upgrade the ATMs so they soon will be able to read "chip" cards, popular in Europe but not yet here.

A chip embedded in the card can deactivate the card if it is stolen.

Ruback said government regulation concerning liability of ATM machines and chip credit cards is coming in 2016, so instead of upgrading the machines again in two years, PSECU decided to do it all now.

It will cost PSECU about $403,000 to make the ATM upgrades, according to spokeswoman Margaret Delmonico.

The credit union expects to have the updates complete by May 31, said Tom Ruback, the company's vice president of card services.

Between April 8 and then, the security issues for a personal computer using XP are different from those that threaten an ATM because of all the security settings already installed.

Johnson also said the version of XP used in ATMs is different from that in personal computers and has withstood the test of hackers.

"Most of the ATM compromises come from outside the box," he said, adding that most ATM security attacks normally come from people or devices that can see a PIN as the customer enters it on a screen. "That gives institutions a little level of comfort to do both upgrades at the same time instead of looking at April 9 as a magic date."

Michael Sadowski

Michael Sadowski

Mike Sadowski covers Lebanon County, banking and finance, law and the legal community, and technology. Have a tip or question for him? Email him at michaels@cpbj.com. Follow him on Twitter, @MikeCPBJ. Circle Michael Sadowski on .

Leave a Comment

test

Please note: All comments will be reviewed and may take up to 24 hours to appear on the site.

Post Comment
View Comment Policy

Comments

JoeM789 August 28, 2014 5:33 pm

The title to this article is a bold and false statement.

Just because M$ is turning their backs on XP (actually they did years ago), that does not mean XP computers are vulnerable. The fact is, and also has been, that Windows operating systems are natively insecure. They have relied heavily on third party software and "developers" to come up with ways to protect users. And the same holds true even after 2014. XP will still function the same way and protect users the same way thanks to third party interventions. There is no reason to upgrade unless your workflow is limited by XP limitations. And if it is, move up to Windows 7. Stay far away from Windows 8 because its the new "Windows Me". An unstable, ugly, parasite in the OS world. A gimmick to cross smartphones with desktops. When M$ invents something, it takes them years to get it right.

close
Subscribe to Our Newsletters!
Click Here to Subscribe for Free Now!