/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
/socialsamosa/media/member_avatars/uFf1SrIk167BQ4yXdoHx.png )
Follow UsDUBAI, UAE: Microsoft is going to deliver its final security update to Windows XP today, April 8, before permanently discontinuing support for the platform. Patches for Internet Explorer 8 on Windows XP will also cease to be produced.
In niche industries, legacy software like Windows XP is common - Medical equipment, ATMs, point of sale systems that run businesses and handle credit card data, industrial control systems used by power companies, kiosks, displays in hotels and airports, etc.
It is very common in the Middle East to see the default Windows XP screen saver on restaurant computer terminals. Many of these systems will likely remain in use after Microsoft stops providing security patches because of the cost to upgrade and a fear of disrupting business.
As new vulnerabilities are discovered that could allow hackers to gain access, these systems won't be able to repel attacks. Just how bad is this threat? A few data points will illustrate the severity of not receiving security patches for newly discovered vulnerabilities moving forward
* 20 of 88 vulnerabilities currently being exploited in the wild by exploit kits apply to Windows XP and its components.
* A review of the patches released in 2013 shows several dozen affecting Windows XP and its components.
* The market share of Windows XP is just under 30 percent.
The Middle East will witness high profile attacks early this year directly related to the vulnerabilities in Windows XP being exploited. Only then will organizations make it a priority to upgrade equipment. The information security community witnessed the same thing happen when Windows 98 and Windows 2000 were retired.
If an organization still relies on Windows XP, it is strongly recommended that it starts planning now to move to either Windows 7 or Windows 8 to avert future problems. If there is unwillingness to upgrade, there are some steps that can be taken to reduce the risk.
* Do not use production business systems such as point of sale terminals for risky activities like web browsing and email.
* On personal computers, use other web browsers that will continue to be supported such as Google Chrome or Mozilla Firefox.
* Install exploit mitigation software such as the Microsoft Enhanced Mitigation Experience Toolkit (EMET) which has been known to prevent unpatched vulnerabilities from being exploited successfully.