Microsoft: Attackers Will Soon Have Greater Advantage Over Defenders On Windows XP

No, we are still talking about computing, not football or soccer for that matter. But a game is about to be played between cybercriminals and PC users, and the good guys will have some notable handicaps.

Microsoft has marked April 8, 2014 as the last date ancient old Windows XP will receive its last set of security patches. By the same token, this is the vey date the company hopes no one (or very few users) are running Windows XP.

Retiring the old operating system and pushing users to newer platforms is a priority for Redmond.

And the software titan recently issued another warning call to Windows XP users, this time bringing into spotlight the security risks of staying on the old OS beyond April.

Microsoft spokesperson Holly Stewart recently talked about this, saying that Redmond patched a total of 30 zero-day vulnerabilities this year. And without these patches, there would have been 30 ways to exploit the operating system and attack the computers:

“From a security perspective, this is a really important milestone. Attackers will start to have a greater advantage over defenders. There were 30 security bulletins for XP this year, which means there would have been 30 zero-day vulnerabilities on XP without support.”

She also explained why Windows XP is easier to hack. The aging operating system is based on older techniques — techniques that cybercriminals and hackers are already quite familiar with.

“Older software is easier to break into and over time, cybercriminals learn how to bypass mitigations. XP is no different. A good example is DEP (Data Execution Prevention) which was not commonly bypassed when it was released. The utility of that mitigation has degraded year over year.”

The crux of the matter is that things have a potential of getting much worse, without patches. And for the 30 or so percent of users that are still on Windows XP, time is running short.