Windows XP retirement: What we recommend for security

xp-retirementFor many of you, Microsoft has retired your favorite operating system, XP. I say favorite since about 20% of the Windows PCs out there are still running some variant or other of XP, from Home through to embedded, and we don’t see that changing any time soon.

The vast majority of customers will by now have swapped out the systems where they are using XP as a standard desktop for something newer – probably Windows 7 or 8. Those that haven’t are possibly unaware of the risks or else have some kind of bespoke application installed that means that they cannot easily move to a later operating system.

The fact is that XP will no longer get updated (Microsoft released an update for IE including in XP after the end of support, but is not likely to do so again). Perhaps it will be seen by some as not important enough to warrant the investment in change. However, PCs now running XP are at a greater risk than ever of compromise – despite Sophos and other security vendors continuing to offer protection against malware.

One of the first tenets of security is to be “up to date.” This of course means that your operating system should have the latest Service Pack and hotfixes.

You would have thought that after 12 years in the field, XP would have had all the wrinkles ironed out – but that is not the case and you can be sure that XP will now be getting lots of attention from the bad guys.

We accept that it’s not easy to eradicate XP from every environment.

  • Our advice is to remove as many XP systems that you can, as quickly as you can. Don’t hang on to your XP systems just because you know you will have a few that won’t go without a fight.
  • If you can, separate the remaining XP computers from the rest of your PCs. Restrict the users’ privileges where you can, and keep absolutely everything else installed on them up to date.
  • Finally, remove or restrict access to the Internet where possible.

We are committed to providing support for XP for at least another 18 months. However, we are actively monitoring usage and reviewing how we support XP, and may adjust our stance in the future.

We will update our product retirement tables as required.

2 thoughts on “Windows XP retirement: What we recommend for security

  1. Pingback: Windows XP retirement: Using Sophos products to secure XP | Sophos Blog

  2. Pingback: Windows XP retirement: reminder, Java support has also now ended | Sophos Blog

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s