Microsoft warns of post-April zero day hack bonanza on Windows XP

Microsoft has a Windows XP problem: people still like it and aren't willing to upgrade just yet. So it's warning users that if they don’t upgrade soon, hackers will lie in wait each new Patch Tuesday to reverse-engineer a full set of new vulnerabilities. "The very first month that Microsoft releases security updates for …

COMMENTS

This topic is closed for new posts.

    1. Fihart

      Size matters. @Martin 47

      " Well XP will be running on my old laptop for as long as I can keep it going, no other operating system plays nicely"........

      Too right.

      I don't plan on scrapping my modestly powered netbook. It's the size of an iPad, but with a sensible keyboard.

      I quite like Win7 but enormous and unusable on my older kit.

      So XP or, finally, reluctantly, Linux.

      1. Alan Brown Silver badge

        Re: Size matters. @Martin 47

        "I quite like Win7 but enormous and unusable on my older kit."

        No worse than XP Sp3 in my experience - it got slimmed down mightily from Vista in order to fit onto Netbooks (and simultaneously torpedoed the good ship "upgrade your PC every 18 months to cope with bloatware")

  1. Henry Wertz 1 Gold badge

    ""According to recent data, 15 per cent of IT managers running XP don't even realize support is ending..."

    Is this level of ignorance normal, or are they just trying not to think about it?"

    Probably normal. You have that set of people who are an "IT manager" because they know how to stick a Windows disk in + install the updates. They do nothing to streamline the process, they do not read any IT news whatsoever, they do not research ever replacing or upgrading the software. They just have a few computers they are tasked with keeping running, and that is about it.

  2. Anonymous Coward

    This sensationalist headline is a good test to see if people actually read the article

    Given some of the responses here, suggesting this is "deliberate creation of..." or "sabotage" seems to indicate they do not.

    Hate to be seen as defending MS, but they've been supporting it for over a decade now. How long is long enough?

    I'm personally more concerned about the fact they never released a second service pack for Windows 7, because they didn't want to extend its support date (they guarantee support 5 years after the release of the last SP). So support for Windows 7 ends in about 2 1/2 years. After such a long support life for XP, there are going to be a lot of people caught out if MS goes through with obsoleting Windows 7 so quickly. Especially since most businesses only recently completed migrating from XP to Windows 7, and few have any desire to migrate corporate desktops/laptops to Windows 8.

  3. Anonymous Coward

    MS is getting desperate on Windows 8x

    I suspect this is much more to do with poor sales of their new flagship product than anything else!

    1. Vociferous

      Re: MS is getting desperate on Windows 8x

      > this is much more to do with poor sales of their new flagship product

      Yes, that is a factor. WinXP users are supposed to switch to Win8, and the date to end support was chosen to coincide with assumed drop-off in initial demand for Win8 (didn't quite play out like that, but the best laid plans...).

      And boy oh boy, are those XP users ever in for a treat.

      But perhaps it's easier to go to Win8 for those who have not experienced Win7, as Win8 has a lot of improvements in reliability and security compared to XP but not compared to 7.

      1. Anonymous Coward

        Re: MS is getting desperate on Windows 8x

        There are still OEM-licenced copies of Windows 7 Home Premium (32bit, 64bit, you choose) available from a well known etailer (checked earlier today). And not even via their Marketplace; direct from the big river themselves. Possibly a better option than Windows 8.anything. Buy now while stocks last.

        1. Anonymous Coward

          Re: MS is getting desperate on Windows 8x

          Yabut - you'll be non-compliant with the terms of an OEM license if you install that software on anything other than a brand new machine.

          Might just as well install a pirated copy.

          1. Charles 9

            Re: MS is getting desperate on Windows 8x

            "Yabut - you'll be non-compliant with the terms of an OEM license if you install that software on anything other than a brand new machine."

            Yabut - Can they tell the difference between an upgraded prebuilt and a homebuilt? How much of a computer must be upgraded with new parts before it can be declared a new computer? And so on...

            1. Tom 38

              Re: MS is getting desperate on Windows 8x

              "How much of a computer must be upgraded with new parts before it can be declared a new computer? And so on..."

              Pretty much anything - new mobo, new CPU, new GFX. You can stick more RAM or hard drives in without re-triggering activation.

            2. BinkyTheMagicPaperclip Silver badge

              OEM has always been about the motherboard

              What XP will activate on or the Microsoft phone registration staff will give you a code for is irrelevant. OEM Windows is tied to the motherboard. If the motherboard dies it must be replaced by a comparable motherboard (same one or generation, not an upgrade).

              The only differences between OEM and retail are the motherboard lock, lack of telephone support and the inability to resell the license (although selling the motherboard/PC with the license is ok). It's all in the license terms, it's just that most people choose to ignore them.

        2. Sorry that handle is already taken. Silver badge

          Re: MS is getting desperate on Windows 8x

          "There are still OEM-licenced copies of Windows 7 Home Premium (32bit, 64bit, you choose) available from a well known etailer (checked earlier today). And not even via their Marketplace; direct from the big river themselves. Possibly a better option than Windows 8.anything. Buy now while stocks last."

          Or OEM editions that have been separated from their original machines (Dell etc.) without being activated, for about 40% of the retail price. They're all over ebay Germany.

      2. hplasm
        Gimp

        Re: MS is getting desperate on Windows 8x

        "And boy oh boy, are those XP users ever in for a treat."

        No, unless they like wearing the mask....

      3. Vociferous

        Re: MS is getting desperate on Windows 8x

        In retrospect I should probably have indicated that I was using sarcasm when I said "boy oh boy, are those XP users ever in for a treat", but I thought it was obvious.

    2. El Andy

      Re: MS is getting desperate on Windows 8x

      @AC 20:46

      The end of life date for Windows XP was published long before the release of even Windows 7, let alone Windows 8. The idea that this is some sort of reaction to sales levels is ridiculous, unless you're suggesting Microsoft has psychics on staff.

    3. Hooksie

      Yes, because no company would ever do that ever. Buy new biological biz, it keeps your clothes cleaner and fresher for longer. Just like our last product claimed to, and the product before that. When people bought XP all those years ago there was no suggestion that they would still be using it 13 years later. Microsoft was supposed to end support for it much earlier but decided to extend it to give companies (banks) the chance to move. Bottom line is that whether you salivating bunch of MS hating retards agree or not, Windows 8 is the fastest and most secure Windows OS to date. Just like XP was when it came out.

  4. Mr Young

    Works for me

    XP = classic

    Cue multiple votes either way...

  5. Destroy All Monsters Silver badge
    Trollface

    Nice OS you have there... shame if something happened to it...

    I'm not sure if this is Bad Ballmer Steve's "The Operation", in which he promises to beat people up if they pay him the protection money, or whether it already is "The Other Operation", in which he promises not to beat people up if they don't pay him the protection money.

    (This is of course a Flying Circus reference)

    1. Zippy's Sausage Factory
      Trollface

      Re: Nice OS you have there... shame if something happened to it...

      If they ever upgrade to "The Other Other Operation", we're all stuffed...

  6. FordPrefect

    To be fair to Microsoft this is a 12 year old product and they have said for years they will not continue to support it. Apart from mainframes how many other OS or software releases are still actively supported 10 years after release? It costs money to continue to develop updates for windows XP and no organisation is going to continue developing something for free indefinitely. Microsoft are just pointing out that every flaw and vulnerability they fix in VISTA, 7 and 8 will be checked by those with malicious intent to see if XP has the same flaw.

    I guess if there is a call for it maybe the AV vendors can potentially scan for and block any malware extending the life somewhat for those that aren't ready to make the jump to something newer. Not as good as fixing the problem though.

    1. Roger Greenwood

      It really annoys me . . .

      . . .that you describe XP as a 12 year old product. I have computers that were bought new only 4 to 5 years ago running XP so I expect them to do a few more years yet. Not a large enterprise, I grant you, but I am sure there are lots of other SMBs in the same boat.

      1. BongoJoe
        Mushroom

        Re: It really annoys me . . .

        Quite. What has age got to do with it?

        For a lot of applications they work better running on XP than they do on W7. We don't have these silly File Explorer bugs on XP when we have two or more such windows open. We don't lose things from the network all the time with XP.

        Until the Windows XP Compatibility environment has gone, along with the need for it (i.e. make good legitimate code by your own rules MS continue to work) then, yes, I will happily upgrade.

        You made the rules, Microsoft. We followed them now you do so the same.

        And as for age? What's that got to do with it? I'd rather play a nice pre-CBS strat than a modern one fewer than twelve years old. I'd rather drive an old Jaguar rather than a modern version, I would rather have a 2 Series Landie to go off the metalled highway rather than a modern townie version. The list goes on and on.

        There is nothing wrong with XP. It may have started off badly but it's ended up as a fine product and certainly a lot better for a lot of people than Win 7. But this is nothing to do with age; it's all about selling more licences.

        Okay, sell me a set of licences then, Microsoft, but only for a better operating system. When you come out with one then do let me know.

      2. El Andy

        Re: It really annoys me . . .

        @Roger Greenwood: " I have computers that were bought new only 4 to 5 years ago running XP"

        And the Windows lifecycle roadmap then was telling you then exactly what it's telling you today, support was ending in 2014. If that wasn't sufficient for your needs, perhaps you should ask yourself why you chose to buy machines with XP.

        1. Getriebe

          Re: It really annoys me . . .

          "And the Windows lifecycle roadmap then was telling you then exactly what it's telling you today, support was ending in 2014. If that wasn't sufficient for your needs, perhaps you should ask yourself why you chose to buy machines with XP."

          @ElAndy - exactly what I thought when I read Greenwood's post.

          Where is the forward planning, where is informing the business of a strategy to get them through the next 5 years say? Don't the suppliers you work with or if you are the IT person work up a budget and a plan that carries you through?

          In the business I work for we are constantly informing our customers of what the future looks like from our viewpoint, helping them plan and keep viable. We have no one on such old software OS or applications.

          We have just bought a British company with about 40 customers with software investments of over £80k and we find some have XP, so we have leapt on them all and are putting change paths in place.

          Why the fuck did the company that we took over not do this? Because they had no business sense and were amateurs, which is why we got them for a song. So now their customers are going through some turmoil to fix the problem.

          Isn't part of the role of IT in any size of company or any services supplier to stop the company getting into a cul de sac?

      3. Prowler
        Alien

        Re: It really annoys me . . . ( me too! )

        Riddle me this. The Chevy Corvette was RTM'd in 1953. How old is a 2008 Corvette?

        WinXP(sp3) dates to April 2008. If you install that WinXP(sp3) CDROM or ISO today quite a large amount of files are stamped to that very date. If you have allowed Microsoft to support it with automatic updates ever since you will have a large amount of core files dated much more recently. So this 12 year old OS thing is really getting annoying. Look here ...

        ( 2006-Nov ) Vista RTM

        ( 2008-Feb ) Vista SP1

        ( 2008-Apr ) Windows XP SP3

        ( 2009-Jul ) Windows 7 RTM

        The bulk of the files in WinXP(sp3) actually are newer than Vista RTM and Vista SP1 and just a year younger than Windows 7 RTM.

        But even more importantly is the fact touched on in this article and the source blog post at Microsoft - there are gobs and gobs of shared code. Look here ...

        "... from July 2012 through July 2013, Windows XP received 45 patches, 30 of which were relevant to Windows 7 and 8 as well ..."

        Understand what they are saying: despite all their marketing lies and FUD about "12 years old" there is substantial overlap and that overlap has been receiving patches but no longer will after next spring. On one hand they are using "12 years old" as a negative but on the other hand they are admitting that parts of Windows Vista, 7 and 8 are also 12 years old. Oh yes, they are. Talk about having it both ways.

        Methinks that the real goal here is to get everyone on the same page, and that means using a government spook approved post-9/11 post-PRISM operating system ( Windows 6.x ) that has been designed from the ground up to be easily penetrated when the feds come calling. Tin-foil conspiracy? Only if you are Rip Van Winkle.

    2. Roland6 Silver badge

      Re: 12 year old product

      To be fair to Microsoft, Windows 8 is basically a 12 year old product dressed up to look new and shiny!

      Note what MS are really saying in this release, is that Windows 8 contains many of the same vulnerabilities as Win7 and XP, because significant amounts of the code base is the same across all products...

  7. Turtle

    $12bn Opportunity

    "At last year's Worldwide Partners Conference, Microsoft described the upgrade market for Windows XP as a $12bn opportunity for the channel. "

    All they need to cash in on that $12bn is a decent XP replacement. Pity that it seems to be beyond their skill level.

    1. Anonymous Coward
      Windows

      Re: $12bn Opportunity

      MS should develop a TRUE replacement for XP. Considering that most XP machines out there are 4+ years old, an operating system that will run on that old hardware is needed.

      Let's not forget that with the Great Recession there are a lot of consumers and organizations that would find it difficult or impossible to replace all that old hardware.

      1. Not That Andrew

        Re: 4+ year old hardware

        Are you seriously saying that Win 7 won't run adequately on hardware like Intel Core 2 Duos and Quads? Or older AMD Opterons and Phenoms? Granted, you might have to scrounge up some RAM to make sure the machine has 2 GB available. But Win 7 will run perfectly on that sort of hardware.

    2. Getriebe

      Re: $12bn Opportunity

      Isn't it a 12 billion opp. for some LINUX shops to spring up offering a one stop shop to move a business over.

      Typical small engineering company that might have mail, word proc, accounting, warehousing/stores, planning and shop floor loading, import documentation and HMRC tax filing. Put together a package deal and you could have a profitable offering.

      1. Anonymous Coward

        Re: $12bn Opportunity

        "Isn't it a 12 billion opp. for some LINUX shops to spring up offering a one stop shop to move a business over."

        "Put together a package deal and you could have a profitable offering."

        Exactly. This is the nightmare scenario for MS, and if they haven't seen it coming, they must be complete idiots.

        For years they've been able to rely on their ecosystem of certified Microsoft Dependent Business Partners.

        Now the smart ones are realising that all is not well in their world; MS want to move the business to The Cloud (external or internal) and much of the "value add" from the Microsoft Certified ecosystem will no longer be saleable. The alleged $12bn opportunity is a mirage.

        So the former Microsoft Certified are soon likely to be forming plans to get their customers to stay with them (but not necessarily with MS). If they haven't already done so. Won't that be interesting.

        It may take a little while longer before it really hurts MS themselves, but outside MS, it's not a good time to be MS dependent.

    3. Roland6 Silver badge

      Re: $12bn Opportunity

      >Pity that it seems to be beyond their skill level.

      It also seems that like many companies Microsoft has lost its hard nosed commercialism. Hollywood, given the success of XP, would have come out with a whole string of sequels and expanded the franchise; MS, an IT company, is doing its utmost to kill the thing off...

  8. Herby
    Joke

    Of course, there is ONE solution...

    They could make Windows XP Open source.

    Of course pigs might fly on their own, not when rocketed by humans, but I digress.

    1. Getriebe

      Re: Of course, there is ONE solution...

      I know this has been discussed in Redmond! And still a (very very) small possibility

    2. ITS Retired
      Facepalm

      Re: Of course, there is ONE solution...

      And let the world know how spaghetti coded or otherwise how badly their old Flagship XP OS really is coded? Someone would go through it and come up with a version of open source XP, half the size, twice as fast, with much better security, all within a few months. That would never do.

      1. Fihart

        Re: Of course, there is ONE solution... @ITS Retired

        "XP, half the size, twice as fast, with much better security"

        Never mind Open Source. If only MS had just done that itself instead of wasting effort on snazzy (read tasteless) new looks to Windows.

        In fact, the preoccupation with interface over underlying efficiency is probably a product of the unholy alliance with an Intel wishing to shift faster processors.

    3. DropBear
      Boffin

      Re: Of course, there is ONE solution...

      ...or one could just try ReactOS [1], which is basically an open-source XP. Granted, it isn't quite production quality yet, but it just might be by the time the switch is pulled...

      [1] - http://www.reactos.org/

  9. schotness

    An OS full of security holes is broken. They should be forced to support it till it's fixed, provide a refund or an alternative for free.

    1. Don Jefe

      Don't Have To

      They don't have to provide updates at all period, unless the product does not function based on the published minimum system requirements.

      In the US you can't even advertise it as 'going to be updated' in the future: US law prohibits companies from listing 'partial or incomplete' products as sales in their financials. You get what you get when you buy it and the goodwill of the company keeps the updates coming.

      It sucks, but that's the way it is.

    2. This post has been deleted by its author

  10. Dr. Ellen
    Devil

    The Piranha brothers strike again

    Nice operating system you got there. Be a shame if anything happened to it.

  11. Boris the Cockroach Silver badge

    Oh well

    guess my copy of XP will be relegated to running on a VM on the linux box

    On the plus side, that will free up about 250 gig of disk space for a new linux install.

    Anyone know if they are turning off the validation servers too (for us that legally own a copy)?

    1. Mystic Megabyte
      Linux

      Re: Oh well

      Assuming that you never let "Windows Genuine Advantage" into XP just disable the network connection to your VM after the last updates and it will work OK.

      If you have foolishly let WGA in, then you will have to do a tedious re-install and make sure that it is de-selected in the updates list and "Never ask again" selected.

      For OEM versions with a restore disc you can just fake the BIOS strings needed to activate it.

      See:

      http://ubuntuforums.org/showthread.php?t=2070347&p=12293480#post12293480

  12. John Tserkezis

    Holy Crap (TM), I have to give my 2c worth here.

    Firstly, I hear the shock and horror that Vista, Win7 and Win8 combined nearly don't hold a candle to the number of malware cleans on XP. What everyone appears to forget, is that XP has had a 12 year headstart.

    Twelve Fucking Years

    Remember that, considering XP users have been stringing it along while paying nothing. Especially when you look at the upgrade path: More money for an upgrade, training, IT support changes, possibly software upgrades/changes, for essentially, a new fangled OS that is merely a life support system for their software. - don't care about the addons, the increased capability, increased security perhaps-especially when they get their regular free Tuesday fixes on time. Paying a bucketload more money to "keep getting what we had before" is particularly unattractive.

    However, Microsoft DOES care about mounting costs supplying "free" updates. Someone has to pay for those remember? And as long as it's not the ever-valued end user, who gives a crap right?

    Well, after Twelve Fucking Years, and a blunder in between (even if it was a sales/marketing blunder that counts and I'll never see Vista as a valid contender), being left with Win7 as their main revenue stream, they're threatening to stop updates, and release current known vulns to "encourage" the stragglers to update.

    The morality or fairness of that aside, just in case you forgot: Twelve Fucking Years. In the past decades, you couldn't count how many other corporations have gone bust within the 7 year mandated support life cycle (?? at least here in OZ), let alone actually, properly supported their old products without forcing an upgrade within that time (well, making the lives of their clients difficult) - yet Microsoft is still supporting XP.

    The jig is up boys and girls, seriously, suck it up and upgrade, you've had an exceptionally good run, scratch a notch on your keyboard and be done with it. Time to move on. Sheeze.

    1. Ron Christian

      Re: Holy Crap (TM), I have to give my 2c worth here.

      Yeah, the problem is, the OS is just there to load my applications. I don't need a new OS, and I don't need a new computer just to be able to run a new OS in order to run my existing application. So, no. Sorry. Don't care how long it's been. Mere age is not in and of itself a reason to replace a computer that is still doing the job.

    2. Mystic Megabyte
      Stop

      Re: Holy Crap (TM), I have to give my 2c worth here.

      If you still have trust in the company that released the pile of stinking dog poo that was Vista* then I think you have problems.

      The whole Hollywood/DRM collusion made it into the most massive release of spyware ever seen and the users got to pick up the cost.**

      Ref:

      * https://en.wikipedia.org/wiki/Criticism_of_Windows_Vista

      ** http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html

      1. Jamie Jones Silver badge
        Stop

        Re: Holy Crap (TM), I have to give my 2c worth here.

        Why shouldn't they continue to provide XP fixes ?

        We are talking fixes for faults, not enhancements - and primarily security fixes at that.

        If the software was 'fit for purpose' when sold, none of this would be necessary, so don't give me this crap about the wonderful MS doing all this for free - in fact, if anything, MS should pay people for their time each time they have to patch a vulnerability!

    3. Not That Andrew
      Thumb Up

      @John Tserkezis Re: Holy Crap (TM), I have to give my 2c worth here.

      Well said. And I myself can't believe the level of idiocy displayed by some of the commentators here.

  13. Ed Hume

    Why fight it? Make money, not war!

    MS cannot be expected to provide security updates to an obsolete OS -- for free. So, MS should begin a program of paid support for Windows XP. Pay $X per year and they will provide updates. Say $10US per seat? People running XP do a cost/benefit analysis, decide on their own when to buy a new OS. In the meantime, MS earns enough money to pay for making the updates.

  14. JustWondering
    Pirate

    Oh well

    I guess I would be more offended if I had ever paid for a copy of XP.
