We had the opportunity to present new findings from the Microsoft Security Intelligence Report volume 15 at RSA Conference Europe last week in Amsterdam. Jeff Jones and I presented some of the new data from the report.
In our session we discussed some of the global threats from the report, as well as a custom analysis on the threat landscape in the European Union (EU). I recently published a blog on the threat landscape in the EU, over on the Microsoft Europe blog, that also includes a new video: Security Intelligence Report: new threat data for the European Union shows that Windows XP is losing pace with attackers. Read more
Back in April I published a post about the end of support for Windows XP called The Countdown Begins: Support for Windows XP Ends on April 8, 2014. Since then, many of the customers I have talked to have moved, or are in the process of moving, their organizations from Windows XP to modern operating systems like Windows 7 or Windows 8.
There is a sense of urgency because after April 8, Windows XP Service Pack 3 (SP3) customers will no longer receive new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates. This means that any new vulnerabilities discovered in Windows XP after its “end of life” will not be addressed by new security updates from Microsoft. Still, I have talked to some customers who, for one reason or another, will not have completely migrated from Windows XP before April 8. I have even talked to some customers that say they won’t migrate from Windows XP until the hardware it’s running on fails.
What is the risk of continuing to run Windows XP after its end of support date? One risk is that attackers will have the advantage over defenders who choose to run Windows XP because attackers will likely have more information about vulnerabilities in Windows XP than defenders. Let me explain why this will be the case. Read more.