Microsoft will no longer provide software updates
and technical support for Windows XP as of April 8, 2014. The end of
Windows XP support should not come as a surprise to most users.
Microsoft has a long history of ending support for variations of its
operating systems. Although the company published a lifecycle chart
showing the anticipated end-of-support
What does this mean for the threat landscape?
Any complex piece of software will contain vulnerabilities for cybercriminals to exploit. Operating systems and their associated applications are particularly prone to vulnerabilities because:
1. It is incredibly challenging to conduct testing on all code routes due to the sheer complexity and vastness of the code.
2. After a vulnerability is identified, a fix needs to be created and patched.
Malware authors often look to discover vulnerabilities, known as zero-day exploits, before software vendors or the security community are aware. Microsoft has been enhancing, updating and supporting Windows XP for close to 13 years. Over time, the industry identified hundreds of Windows XP common vulnerabilities and exposures (CVEs), including a new zero-day last week. Affecting Windows XP, it allowed remote code execution through a rich text format (RTF).
I am sure we will continue to see new Windows XP vulnerabilities. The only way to previously address Windows XP vulnerabilities was through the updating and patch process. Now that important line of defence is gone. With Microsoft ending support for Windows XP those patches will not be available.
Opportunistic cybercriminals have shown a penchant for pwning the low hanging fruit. If XP is the fruit, after April 8 this plum is effectively sitting on the ground. End-of-support means no new software updates. The term "forever-day" reflects the fact that zero-day vulnerabilities will remain unpatched forever more.
Websense Security Labs Recommendation
We have always recommended that organisations not rely on software patches alone to protect themselves. We highly recommend upgrading your operating system at your earliest convenience.
Malware authors know that businesses and consumers are still running Windows XP. These systems are especially vulnerable after April 8. We don't expect malware authors to unleash exploit code targeting these zero-days in the first few days after April 8. Instead, we believe they will wait to release exploit code selectively (think targeted attacks) and gradually (over a period of years).
Comments
Post a Comment