Henry Dalziel | General Hacking Posts, Pentesting Distros | September 5, 2013
The End Is Nigh for Windows XP, April 8th to be exact, and there is no Mayan calendar in sight.
Windows XP Service Pack 3 (SP3) customers will no longer receive security patches or updates. Indeed, there will be no support at all, not even free or paid assisted support. This clearly presents a problem for organizations that still use Windows XP (hint, many do) and an opportunity for opportunistic hackers.
How many Operating Systems run Windows XP?
According to statistics taken from the W3 OS Platform Statistics in August 2013 (the date of this blog post) 14.7% of users they poll use Windows XP. In fact, a study commissioned by Accenture showed that Windows XP still accounts for about 40 percent of installed desktops in the United Kingdom and according to Net Applications, more than a third of OS installations in the US run XP.
Why is XP still popular?
Windows XP certainly has a cult following. Maybe the reality of the situation is that XP ‘just works’, is low on resources, and that certain web applications ‘only’ work on XP. Some organizations that are running XP will be influenced by “Luddites” who don’t relish the thought of change and use their computers because they ‘have to’ for the job that they have been paid to do. Aside from employees being adverse to change another reason why XP, in our opinion, is that Vista was a total disaster. Having seen that update, that was crap, many must have thought, ‘why do we have to change, and if it ‘aint broke, don’t fix it.’
XP is trusted. I guess that is the major reason why businesses all around the world will blindly go over the ‘expiration date’ and continue to use an unpatched Operating System and the inherent security problems that brings.
Companies that continue to use XP, do so at your own peril!
Here’s the rub. Post XP Armageddon Microsoft will still continue to release patches for Vista, Windows7/ 8 etc., and the hackers will duly look at the patches, reverse engineer them, and apply them to XP. Not nice. In essence we just described an eternal zero day vulnerability since as discussed and established by Microsoft, there will be no more support.
The solution? Linux is your friend!
Sure, Linux has struggled on the desktop, but as many of our readers at the Concise Courses blog will be aware, we are massive proponents of using Linux. Although our focus (within the Linux discussion) remains within the penetration testing Linux Distro scene, we use Linux as our daily operating system and we’ve never looked back. Sure, there are web applications that can only be run in a native environment such as Windows, but, why don’t organizations embrace Linux more? It would be nice to see the transition from XP to Linux desktop computing.
Clearly the discussion of replacing XP with Linux is a massive subject but what are your thoughts to that taking place? What are the positives and negatives? Let us know in the comments below!