August 2013 Microsoft Security newsletter repost

Welcome to August’s Security Newsletter!
This month our newsletter focuses on client   security and the security implications of running software that is no longer   supported by the software manufacturer. If you have been following Microsoft   security news recently, you are likely aware that support for   Windows XP ends on April 8, 2014. It is important to note that   after this date, customers running Windows XP will no longer receive new   security updates, non-security hotfixes, free or paid assisted support   options, or online technical content updates. This means that any new   vulnerabilities discovered in Windows XP after its “end of life”   will not be addressed by new security updates from Microsoft.

From a security perspective, if you are running Windows XP, I cannot stress   enough the importance of migrating to a newer platform that is supported and   can provide increased protections. The very first month that Windows XP goes   out of support, attackers will have the advantage. The first month that   security updates for supported versions of Windows are released, attackers   will reverse engineer those updates, find the vulnerabilities, and test   Windows XP to see if it shares those vulnerabilities. If it does, attackers   will attempt to develop exploit code that can take advantage of those   vulnerabilities on Windows XP. Since security updates will no longer be   available for Windows XP to address such vulnerabilities, Windows XP will   essentially have a “zero day” vulnerability forever. I discuss this   in greater detail in a recent blog   post.

This should be concerning for anyone using Windows XP today. If your   organization has not started the migration to a modern operating system, it   is crucial that you begin planning and application compatibility testing as   soon as possible. Based on historical customer deployment data, the average   enterprise deployment can take 18 to 32 months from business case   through full deployment. If you are looking for resources on how to get   started, I encourage you to read the Windows Blog post on “365 Days   Remaining Until XP End Of Support. The Countdown Begins” for   more detailed questions and answers.

  Best regards,
Tim Rains, Director
Microsoft Trustworthy Computing

Have feedback on how we can improve this newsletter? Email us at and share your   ideas.