Microsoft Delays Windows XP Antivirus Doomsday

  /     /     /  
Publicated : 22/11/2024   Category : security


Microsoft Delays Windows XP Antivirus Doomsday


Security Essentials for XP gets 15-month extension, but some antivirus vendors promise updates through 2017 and beyond.



7 Mistakes Microsoft Made in 2013 (Cick image for larger view and slideshow.)
Microsoft announced Wednesday that even after it ceases support for its aging Windows XP operating system in April, it wont stop issuing new signatures and updates for its XP antivirus software engine until mid-2015. That represents an about-face by Microsoft, which previously said that as of April it would cease updating all of its XP-compatible security software, including the free Security Essentials.
Microsofts Malware Protection Center, which announced the extension, pitched it as a way to help businesses and consumers move to a newer version of Windows. To help organizations complete their migrations, Microsoft will continue to provide updates to our anti-malware signatures and engine for Windows XP users through July 14, 2015, Microsofts malware protection team said in a
blog post
.
But the post also emphasized that Windows XP will still receive its final set of operating system security patches and other updates on April 8, 2014. After this date, Windows XP will no longer be a supported operating system, it read. (Aficionados of the impending Windows XP update doomsday can follow along at home by downloading Microsofts free
Windows XP End Of Support Countdown Gadget
.)
[What will happen to all those XP machines and their networks on April 8? Read
Windows XP Wont Go Quietly
.]
The reprieve means that for Windows XP enterprise users, Microsoft will continue to maintain -- for the next 18 months -- System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection, and Windows Intune. Meanwhile, for Windows XP consumer users, Microsoft will continue to keep Microsoft Security Essentials updated.
The Microsoft security team cautioned, however, that using up-to-date antivirus still might not protect Windows XP users against post-April attacks, especially because attackers may then be able to reverse-engineer new patches for more recent Microsoft operating systems to find exploitable vulnerabilities in Windows XP: Our research shows that the effectiveness of anti-malware solutions on out-of-support operating systems is limited. Running a well-protected solution starts with using modern software and hardware designed to help protect against todays threat landscape.
The research referenced by Microsoft refers to figures first detailed in October 2013 by Mike Reavey, Microsofts Trustworthy Computing general manager, who said, Windows XP is six times more likely to be infected than Windows 8, even though it has the same malware encounter rate. In no small part, the relative susceptibility of Windows XP to malware has to do with the security protections that Microsoft has
built into more modern versions
of Windows as well as Internet Explorer.
Despite the impending security risks, a
NetMarketShare
study found that as of December 2013, Windows XP still commanded 29% of the Windows market share -- behind Windows 7 (48%) but well ahead of Windows 8 (11%) and Windows Vista (4%).
What will be the impact of Microsofts antivirus software reprieve? Later generations of Windows XP were built to install Microsofts Security Essentials antivirus software by default, if no other antivirus tools were detected. Accordingly, Microsofts extension could be a boon to any businesses or consumers who currently rely on Microsofts own antivirus tools, even if they dont know that its running. Furthermore, on the immunology tip, keeping up-to-date antivirus software installed on more Windows XP machines will help provide herd immunity for Internet users at large.
Make no mistake, however: Continuing to use Windows XP after April 2014 will
become a riskier endeavor
. Anyone connecting a Windows XP computer to the Internet after Microsoft drops its support in April 2014 is not only putting themselves at risk, but also endangering all of us on the Internet -- as their computers may be hijacked into botnets and used to spread malware and spam attacks, independent security researcher Graham Cluley
warned
last year.
XP holdouts neednt stick with Microsofts antivirus offerings. Independent German security software testing lab AV-Test recently queried 27 different vendors and found that all plan to continue XP support for at least the next two years. Trend Micro, for example, has already confirmed that it will keep its products up to date until at least 2017, while Webroot even plans to delay the cancellation of updates for its products on Windows XP systems until at least April 2019, AV-Test said Wednesday in a
blog post
.
The testing firm said that it will
continue to evaluate
the effectiveness of vendors security suite software running on Windows XP. Even so, anyone who continues to use Windows XP after April 2014 must take additional steps to protect themselves beyond using up-to-date antivirus engines and signatures.
For starters, AV-Test recommends that after April, Windows XP users should spend as little time connected to the Internet as possible, and never do so using Internet Explorer. We also recommend the use of an alternative browser such as Google Chrome or Firefox, which will continue to be kept up to date with the best possible security, if the announcements made by their developers are anything to go by.
Outlook Express users should also ditch that email client. Switch from Outlook Express to another mail program because Outlook Express is part of the XP operating system and will therefore also receive no updates whatsoever after the end of support, said AV-Test. The testing firm noted that among the many alternatives, perhaps the best known is Thunderbird, which Mozilla has promised to continue updating for Windows XP, at least for the foreseeable future.
Having a wealth of data is a good thing -- if you can make sense of it. Most companies are challenged with aggregating and analyzing the plethora of data being generated by their security applications and devices. This Dark Reading report,
How Existing Security Data Can Help ID Potential Attacks
, recommends how to effectively leverage security data in order to make informed decisions and spot areas of vulnerability. (Free registration required.)

Last News

▸ Some DLP Products Vulnerable to Security Holes ◂
Discovered: 23/12/2024
Category: security

▸ Scan suggests Heartbleed patches may not have been successful. ◂
Discovered: 23/12/2024
Category: security

▸ IoT Devices on Average Have 25 Vulnerabilities ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Microsoft Delays Windows XP Antivirus Doomsday