Akamai Diversity

The Akamai Blog

Is Microsoft Wrong to Retire Windows XP?

There's an interesting article in Computerworld today about the dangers surrounding Microsoft's plan to finally pull the plug on Windows XP. The argument goes something like this: Many people still use XP, and depriving them of future security patches could lead to devastating malware infections and, by extension, myriad forms of mayhem.

From the article, by Gregg Keizer:

Microsoft plans to ship the final public patches for Windows XP on April 8. After that, it will not deliver fixes for security vulnerabilities it and others find in the 13-year-old operating system. The result, even Microsoft has said, could be devastating. Last October, the company said that after April 8, Windows XP would face a future where machines are infected at a rate 66% higher than before patches stopped. "After April [2014], when we release monthly security updates for supported versions of Windows, attackers will try and reverse engineer them to identify any vulnerabilities that also exist in Windows XP," said Tim Rains, director of Microsoft's Trustworthy Computing group. "If they succeed, attackers will have the capability to develop exploit code to take advantage of them."

Microsoft has justified its stoppage of Windows XP patches by reminding everyone that it has supported the OS longer than any others, which is true: Its normal practice is to patch an operating system for 10 years. And it has argued that Windows XP is old, outdated software that is less secure than its newer operating systems: Windows 7, Windows 8 and Windows 8.1.

That's all true, Keizer says. But the problem is that the user base remains massive. He cited figures from Internet measurement company Net Applications, reporting that 29.5 percent of the globe's PCs ran XP just a month ago. Using estimates of the number of Windows PCs now in operation, that "user share" translates into approximately 488 million systems, he wrote. As for Microsoft's argument that people have had more than enough time to switch to more updated versions of Windows, Keizer says, "If every PC sold in the next 12 months was one destined to replace an existing Windows XP system, it would take more than a year and a half -- about 20 months -- to eradicate XP. Windows XP isn't going anywhere."

I agree about the danger this poses to those who still rely on XP for their home machines. But I've also seen businesses that continue using the antiquated OS. 

The rest of this post is for them.

I've done business with small shops and doctor's offices and have noticed while making payments that they were using XP machines. I won't name them here, but whenever I see a business using XP I make a point of saying something to the owners.

I remember writing about the release of Windows XP SP2 in the summer of 2004. At the time, it was a big improvement. But it didn't stop the almost daily reports of new flaws in the OS and the attacks exploiting them.

Much has changed since then.

Most Windows shops are using Windows 7 and 8, and those versions are far more secure than their predecessors. 

I get that individuals can't always afford new versions. That's part of why so many homes still use XP. 

But for businesses, there's no longer a good excuse to be on XP. We're trusting them to keep our personal information safe, and that trust demands they use the more recent versions of Windows -- even if it means spending more money in the short run.