9 Apr 2014

End of the road for Windows XP – but should you be worried?

If you’ve not bought a new computer recently, you could be vulnerable to cyber-attack, writes Harry Horton.

Despite the fact millions of businesses and governments still rely on it, Microsoft are no longer supporting the Windows XP operating system from Wednesday.

The 13-year-old software will continue to operate as normal, but users will no longer get security updates.

The company says newer software offers more security, and XP – now a fossil in computing terms – has had its time.

But despite years of notice from Microsoft, estimates suggest anywhere between 17 and 28 percent of desktops, tablets and consoles worldwide could still be using Windows XP.

‘Vulnerabilities’

Gavin Millard, European Director for Tenable Network Security said: “Whenever hackers attack, they look for vulnerabilities. XP is now a vulnerability.

“I’m worried for people who don’t know how much of an issue it is. XP is embedded in a lot of devices and systems, it’s not just desktops.”

Around 95 per cent of the world’s cash machines run a version of Windows XP, according to American manufacturer NCR.

Whenever hackers attack, they look for vulnerabilities. XP is now a vulnerability – Gavin Millard

LINK, the company who help connect the majority of the UK’s cash machines, say most operators will upgrade their machines to a newer version of Windows during the next year.

The UKs largest cash machine operator, RBS, have paid for extended Microsoft support until 2017.

But Robert Shifreen, Information Security Expert from University of Brighton, told Channel 4 News that XP users could be safer now. He said hackers often look at security updates as a way of flagging up flaws in Windows systems.

“A lot of hackers target users yet to install those updates”, he said.

‘Complacency’

But with no security updates being issued, the attention of the average hacker could be drawn elsewhere: “the number of hackers targeting XP might actually decrease”.

But that’s no excuse for complacency, warns Mr Shifreen: “Companies dealing with sensitive or confidential information need to consider upgrading though. It’s not as easy as it should be for businesses to change systems, and it could take some time.”

The UK government is paying £5.5m to secure support from Microsoft for another 12 months. A cabinet office spokesperson told Channel 4 News “a significant number” of machines in the public sector still run on XP.

Jumping on the latest bandwagon is not the answer – cabinet office spokesperson

Barking and Dagenham council announced last week they are switching from XP to Google Chrome OS, a move they say will save them £400,000.

Mr Shifreen said people should be wary of switching to an entirely new provider of software: “Some are using this an excuse to sell their products to people. My advice is to stick with what you know.

“Most security problems are down to user error. Using some new software or a new system could be risky. Be careful. Jumping on the latest bandwagon is not the answer.”

A Microsoft spokesperson said: “Windows XP was a very successful and a very popular operating system, but in the last 12 years, technology has moved on. Newer operating systems like Windows 8.1 are faster, more reliable and designed with security in mind.”