Microsoft stopped supporting Windows XP on April 8, 2014, which meant no more security updates, non-security hotfixes, free assisted support options or online technical content for Windows XP users. Without doubt, this can have serious consequences for companies that still run Windows XP. But what are the major risks that companies still using Windows XP face, and how can they mitigate those risks?
When support ended in April, the number of infections increased by 66%, leaving Windows XP exposed to attackers who find vulnerabilities by reverse-engineering security updates for newer Windows versions. This way they can discover precisely where a weakness is and how the vendor repaired it.
Users who still use Windows XP are left behind because no version of Internet Explorer® (IE) later than IE8 is compatible with the platform. One solution is to use alternative browsers, but this may pose threats, too, due to browser exploits.
Another potential security danger is that vulnerable endpoints are used as launch pads for next-generation malware that outdated systems like Windows XP might find difficult to handle. Any PC running Windows XP is a major weak spot, leaving the system exposed to highly targeted attacks that use software exploits to get in.
Business Costs and Consequences
Users of Windows XP who prefer not to switch to Windows 7 are familiar with the interface and know the XP platform inside out. However, this can cause unpredictable costs to businesses. The financial cost of maintaining Windows XP after support ended is rising because of the reliance on custom support services. Administering, managing and using Windows XP systems is also significantly more expensive than doing the same for Windows 7. In terms of time and the costs that come with it, handling operational Windows XP system activities takes up a lot of resources and therefore inhibits business continuity.
Companies that are still using Windows XP systems are advised to add a layer of protection that stops unwanted malicious applications on endpoints, such as Trend Micro OfficeScan.
We still, however, advise users to upgrade to the newest Windows OS version. Here are a few tips that help companies avoid future problems:
Virtualise your Windows XP environment to have an additional layer of protection and more efficient management.
Use an RODC (Read-Only Domain Controller) such as Windows 2008, 2008 R2, 2012 or 2012 R2 on the Windows XP LAN. We recommend placing a domain controller on the same LAN switch that the Windows XP systems are connected to, so that Windows systems can be managed remotely more effectively without causing problems for the security of the entire network.
Windows XP machines should not communicate outside the internal network. If they do, a web proxy or an application-layer firewall should be used. Updates to third-party software should be done manually if needed.
Companies should use alternate browsers.
When new Windows XP vulnerabilities are announced, patches are no longer released because of EOL (End of Life), which makes it easy for exploits to target these vulnerabilities. Virtual patching is the answer here. Virtual patching shields vulnerabilities in critical systems and acts as permanent protection for EOL or unpatchable systems. Solutions like Trend Micro Deep Security’s virtual patching help organisations save money by preventing system downtime, as well as by reducing the risk of breach disclosure expenses.
In this modern age of technology, the process of attacking organisations is becoming more and more simplified, causing massive damage. We always recommend that users run vulnerability scans regularly (once a quarter) to check for breaches and stop unidentified threats from attacking their entire network.
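One way to check the tip that Windows XP machines should not communicate outside the internal network is to review firewall flow logs for XP hosts that reach external addresses without going through the proxy. The following is an added example, not code from the original article; the host inventory, proxy address, log format and function names are all assumptions made for illustration.

```python
import ipaddress

# Assumptions (none come from the article): XP inventory, proxy address,
# internal ranges and the flow-log format below are constructed.
XP_HOSTS = {"10.20.0.11", "10.20.0.12"}
PROXY = ipaddress.ip_address("10.20.0.5")
INTERNAL_NETS = [ipaddress.ip_network(n)
                 for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample log, one flow per line: time src dst dst_port action
SAMPLE_FLOWS = """\
2014-06-02T09:14:03 10.20.0.11 10.20.0.5 3128 ALLOW
2014-06-02T09:14:09 10.20.0.11 203.0.113.40 443 ALLOW
2014-06-02T09:15:41 10.20.0.12 10.20.0.8 389 ALLOW
2014-06-02T09:16:02 10.20.0.12 198.51.100.7 80 DENY
2014-06-02T09:16:30 10.20.0.77 203.0.113.40 443 ALLOW
malformed line
"""

def is_internal(addr):
    """True when the address lies inside one of the internal ranges."""
    return any(addr in net for net in INTERNAL_NETS)

def find_direct_egress(log_text, xp_hosts=XP_HOSTS, proxy=PROXY):
    """Return flows where an XP host contacted an external address directly."""
    findings = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip lines that do not match the expected format
        ts, src, dst, port, action = parts
        try:
            dst_ip = ipaddress.ip_address(dst)
            port_no = int(port)
        except ValueError:
            continue  # unparsable address or port
        # Traffic to the proxy or to internal servers follows the policy.
        if src not in xp_hosts or dst_ip == proxy or is_internal(dst_ip):
            continue
        # An allowed flow means the firewall rule is missing; a denied flow
        # means the rule works but software on the host is trying to get out.
        severity = "violation" if action == "ALLOW" else "blocked-attempt"
        findings.append({"time": ts, "src": src, "dst": dst,
                         "port": port_no, "severity": severity})
    return findings

if __name__ == "__main__":
    for finding in find_direct_egress(SAMPLE_FLOWS):
        print(finding)
```

Allowed flows point to a gap in the egress rules, while blocked attempts identify XP hosts whose software is configured to bypass the proxy.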
Via Smarttech: http://smarttech.ie/blog/windows-xp-risks/#