Welcome to August’s Security Newsletter! | |||
This month our newsletter focuses on client security and the security implications of running software that is no longer supported by the software manufacturer. If you have been following Microsoft security news recently, you are likely aware that support for Windows XP ends on April 8, 2014. It is important to note that after this date, customers running Windows XP will no longer receive new security updates, non-security hotfixes, free or paid assisted support options, or online technical content updates. This means that any new vulnerabilities discovered in Windows XP after its “end of life” will not be addressed by new security updates from Microsoft.
From a security perspective, if you are running Windows XP, I cannot stress enough the importance of migrating to a newer platform that is supported and can provide increased protections. The very first month that Windows XP goes out of support, attackers will have the advantage. The first month that security updates for supported versions of Windows are released, attackers will reverse engineer those updates, find the vulnerabilities, and test Windows XP to see if it shares those vulnerabilities. If it does, attackers will attempt to develop exploit code that can take advantage of those vulnerabilities on Windows XP. Since security updates will no longer be available for Windows XP to address such vulnerabilities, Windows XP will essentially have a “zero day” vulnerability forever. I discuss this in greater detail in a recent blog post. This should be concerning for anyone using Windows XP today. If your organization has not started the migration to a modern operating system, it is crucial that you begin planning and application compatibility testing as soon as possible. Based on historical customer deployment data, the average enterprise deployment can take 18 to 32 months from business case through full deployment. If you are looking for resources on how to get started, I encourage you to read the Windows Blog post on “365 Days Remaining Until XP End Of Support. The Countdown Begins” for more detailed questions and answers.
Have feedback on how we can improve this newsletter? Email us at secnlfb@microsoft.com and share your ideas. |