Security Advisor

XP Support Death: One Week Later

So far, it's been quiet out there. But don't take the lack of news as an indication that the attackers have moved on.

So it's been seven days since Microsoft issued its last security update for Windows XP, and it appears that the sun is still out and the world continues to spin.

After being warned of doom and gloom for the past couple of years, not only by Microsoft but other security firms, the Windows XP security landscape has been relatively quiet since April 8's death of support.

Here's Microsoft's Tim Rains on XP's end back in August of last year: "The very first month that Microsoft releases security updates for supported versions of Windows, attackers will reverse engineer those updates, find the vulnerabilities and test Windows XP to see if it shares those vulnerabilities," said Rains in a blog post. "If it does, attackers will attempt to develop exploit code that can take advantage of those vulnerabilities on Windows XP.  Since a security update will never become available for Windows XP to address these vulnerabilities, Windows XP will essentially have a 'zero day' vulnerability forever."

So far, I haven't gotten any word of any zero-day flaws popping up for the vulnerable OS.  Were the warnings of the attackers with full arsenals of XP exploits ready for unleashing overblown? Or has the reveal of the Heartbleed bug and the scramble to fix almost two-thirds of the entire Internet overshadowed all other IT security news in the past week?  

The fact is that while Microsoft is now turning a blind eye to its aged OS, antivirus and antimalware companies continue to provide security support. This could have also played a part in the relatively quiet XP death procession. Antivirus firm Avast released a report on Monday saying that 27 percent of its Windows XP users were not planning on upgrading their systems. It wouldn't look too good for Avast (or any other major antivirus maker) to have such a significant portion of its users riddled with bugs, so it can't just abandon the OS like Microsoft.

"This number is relatively high considering the security risks involved with the OS and makes one wonder how many XP users are not concerned about their protection and aren't planning on upgrading their OS, buying a new PC or seeking AV that will support them," said the firm in the online report. "Avast has been creating protection modules and detections specifically designed to cover Windows XP vulnerabilities and other security problems."

The company said it will continue to provide security support for XP for the next three years. And if you want to shell out the bucks, you can always bribe Microsoft to keep your XP secure.

That's exactly the road the Internal Revenue Service is taking (you know, those guys that you owe something to today). The government agency had first planned to have all its machines running a newer version of Windows by the April 8 deadline.  However, in a budgetary meeting on April 7, it was revealed that the agency had only successfully migrated 47 percent of its systems to Windows 7 from Windows XP. For those it couldn't get to, the IRS will be paying Microsoft directly for support -- a figure that Computerworld estimated will cost the agency $11.6 million per year. That's a hefty post-deadline fine!

The IRS and Avast users aren't the only ones who are throwing caution (or a lot of money) to the wind. According to a reader survey, 23 percent of Redmond magazine respondents also have no plans to upgrade their Windows XP machines.

While you might have gotten lucky this first week after the end of XP support, your luck will run out eventually. If you're running Windows XP, have you experienced any issues since April 8? Share your experiences in the comments below.

About the Author

Chris Paoli is the site producer for and


  • Gears

    Top 10 Microsoft Tips and Analyses of 2018

    Here are the year's most popular explainers and how-to columns -- along with some plain, old "Why did Microsoft do that?" musings thrown in.

  • Sign

    2018 Microsoft Predictions Revisited

    From guessing the fate of Windows 10 S to predicting Microsoft's next big move with Linux, Brien's predictions from a year ago were on the mark more than they weren't.

  • Microsoft Recaps Delivery Optimization Bandwidth Controls for Organizations

    Microsoft expects organizations using its Delivery Optimization peer-to-peer update scheme will optimally see 60 percent to 70 percent improvements in terms of network bandwidth use.

  • Getting a Handle on Hyper-V Virtual NICs

    Hyper-V usually makes it easy to configure virtual network adapters within VMs. That is, until you need to create a VM containing multiple virtual NICs.

comments powered by Disqus
Most   Popular

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.