10 Reasons to migrate off Windows XP
I would like you to sit back, close your eyes and think about the year 2001. Think about how you used technology back then, how you used the Internet. Now, let’s take it a little bit further back in history and think of the year 2000. Just after we realized that the Year-2000-Problem was handled very well by the industry. How you used technology, how you used the Internet, the speed of your Internet connection (I think for me it was ISDN-Dial-Up).
This was the time Windows XP was designed. Windows XP was launched in 2001 and – judging by its success – it was a really great piece of technology. It just runs, rock-solid. Well, it was attacked by a few worms like Blaster, Sasser which led to the development of Service Pack 1, which made us stop development for a few months to look for security vulnerabilities. Over all the years of improvement and learning, this finally led into Windows 7.
If you are still on Windows XP, you probably should re-think your strategy today as the Operating System you are using was not designed to survive in today’s threat landscape. Let me give you 10 reasons why you should definitely move off Windows XP as soon as possible:
- First and foremost, Windows XP will go out of support April 8th, 2014. From then onwards, there will be no more security updates for Windows XP. Even though it is still two years down the road, larger organizations typically need some time to migrate and I am convinced that you need to start now!
- Changes in development processes like the introduction of the Security Development Lifecycle (SDL) over the last 10 years within Microsoft significantly reduced the number of vulnerabilities, the likelihood for getting infected by malware and the attack vectors. This can easily be seen when you look at the data from our Security Intelligence Report:
- Most probably you are still using Internet Explorer 6, when you are running Windows XP. As the browser is your window to the Internet and the most attacked application you run, running a browser which is three versions behind the latest one is definitely not something you should do for different reasons. One is the point I made above. Development processes have come a long way in the industry to incorporate security into the product from a code level and you would want to leverage this. Additionally, there is a lot of technology built into a modern browser to protect you from current attacks like the Smartscreen filter. So, move off IE6 to Internet Explorer 9 (for Windows Vista and later) or at least Internet Explorer 8 if you stay on Windows XP (which you should not J). To show you the impact, here is a graph published by NSSLabs on how far the browser can protect you from socially engineered malware:
- The Security Development Lifecycle is not only about reducing security vulnerabilities at a code level but it is about adding additional protection as well, if there is a vulnerability in the code. It is about Defense in Depth as well – or mainly. As a result we introduced technology like DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) into the platform, which makes it much harder to exploit a vulnerability in the code.
- Ever tried to run Windows XP without being local Administrator? Yes, you will tell me know that you run it in the enterprise like that. What about changing the time zone when you travel with your notebook? Or adding your home printer? Or, or, or? I have to admit that I tried it more than once and gave up. User Access Control helps greatly. It is a huge improvement and makes the non-admin use of the OS much simpler. Even if you would decide to run as a local admin, you work with the user token until you need admin privileges.
- On Windows XP you might be using some third-party disk encryption tool, something which comes for free on Windows 7 – even for USB sticks. It is called Bitlocker and Bitlocker To Go.
- Talking of Bitlocker: One of the points which are often forgotten when talking about the OS is that one of the key attack vectors is during the boot process. We have seen successful attacks on Windows XP during the boot processes with rootkits. If you switch on Bitlocker on Windows 7 (and Vista) you get a fairly sound boot protection. If you use a 64-bit version with kernel protection, the risk of getting infected during the boot process is actually fairly low.
- Managing Software Restriction Policies in Windows XP was a very hard – close to impossible – task. AppLocker on Windows 7 has improved this greatly.
- There are quite some changes on the IP layer: We support IPv6 and there are a lot of improvements in the Windows Firewall.
- The last point: Windows XP is just not cool anymore. Windows 7 is just much nicer, cooler to use and just much, much more fun
Besides all the security improvements, which make most sense if they are used in a combination like Bitlocker on Windows 64-bit and Applocker it has to be said that managing such a Windows 7 environment has proofed to be much, much more efficient than Windows XP.
I guess you did not have time to finish reading the post? Started your migration project immediately? Great, go ahead!
Roger
Comments
Anonymous
January 01, 2003
The comment has been removedAnonymous
January 01, 2003
For more info on how and when the end of support for Microsoft will affect your organisation follow the link below:http://itcrip.wordpress.com/2013/11/22/when-will-microsoft-pull-the-plug-on-your-version-of-windows/Anonymous
January 01, 2003
I think the worst thing you can do is to try to make a Windows XP out of Windows 7 or 8. These are different operating systems with different possibilities. If you run into problems with some apps, there are options on Windows 7 like the Windows XP Mode (to run a few applications in an XP environment) or application virtualization. There are ways to handle this and in this post, I have some links, which can help you: www.halbheer.ch/.../get-off-xp-or-risk-yourbusinessAnonymous
January 01, 2003
Even before I read this, I have been telling everybody I know who is still using a lower OS that they need to upgrade. People don't realize the importance of it. It's even harder to get the message across to people who are less technical.Anonymous
February 08, 2012
Windows XP is reliable window, its good to use if one optimize computer to its best performance by uisng a system utility tool like to speed up pc.Anonymous
May 07, 2013
beter than 8Anonymous
May 08, 2013
I'd love to move, however some tax software that I have to use does not support Windows7Anonymous
May 20, 2013
We are familiar Windows XP, in long time< how should we migrate in technical process indetail explanation? Thanks youAnonymous
May 22, 2013
The comment has been removedAnonymous
May 22, 2013
The comment has been removedAnonymous
May 24, 2013
win XP and win 98 alive for everAnonymous
May 25, 2013
The comment has been removedAnonymous
June 17, 2013
umm.... The major problem is....money!!! so the same goes with Windows after all it was free so why should I pat for an upgrade? And I can download a hooky version of Windows 7 or 8 or it's still free??? The fact is 'free' costs money. At the end of the day XP was awesome. But it is time to move on. Get your hand in your pocket now and asve yourself money in the long run. Computer secumity is not a joke-neglect it at your peril.