Please, please, PLEASE stop running Windows XP

“I just want it to work.” That’s what most people say about their computers, often followed by “If it ain’t broke, don’t fix it.” Personally, I think this is a great approach for most things in life – but there are limits. Today, I’m going to tell you why you MUST stop using Windows XP or likely suffer serious consequences.

These days, almost all computers are connected to the Internet, so you have to take basic precautions to decrease the risk of getting hacked. The number one thing to do with any of your computers is make sure they’re receiving regular operating system updates. Most Windows and Mac computers you buy these days are set to receive these automatically.

Microsoft is in business to make money (as are Apple and Google and Moraware and every other software company) … so eventually they stop supporting older versions of their software. Yes, this is largely because they want you to buy the newest version, but there’s nothing nefarious about it – older versions of Windows are vastly more expensive for Microsoft to support, compared to newer versions. Windows XP launched more than 12 years ago, and it was arguably the most successful operating system ever – but Microsoft has been improving Windows every day since then in 3 major versions of the OS – Windows Vista, Windows 7, and Windows 8. If they continued to support each operating system much beyond a decade, they couldn’t continue to succeed.

But that’s just background info … here’s what it means for you if you don’t upgrade: YOU WILL PROBABLY GET HACKED, AND YOU WILL PROBABLY LOSE CONTROL OF YOUR XP COMPUTERS. THEY WILL NO LONGER BE FULLY YOURS, AND THEY COULD VERY WELL COMPROMISE EVERY COMPUTER IN YOUR NETWORK, EVEN NON-XP COMPUTERS.

Here’s why this is so: Each month, Microsoft releases updates or “patches” for all their supported operating systems at once (it’s known as “patch Tuesday”). Support for Windows XP ends on April 8, 2014. On the following patch Tuesday, Microsoft will release updates for Windows Vista, Windows 7, and Windows 8 that plug security holes in those operating systems. Windows XP will NOT get those security updates. At this point, hackers WILL check out those updates and ask themselves, “Hmmm, I wonder if this same security hole that was fixed for Windows Vista, 7, and 8 also exists in XP?” And it will – maybe not the first month, but soon enough. The bad guys will be watching the official updates for fixed security problems, and they will figure out how to take advantage of those same holes on unfixed Windows XP machines.

In other words, IF YOU LEAVE A WINDOWS XP MACHINE ON YOUR NETWORK, IT WILL EVENTUALLY BE TAKEN OVER BY BAD GUYS.

“But nobody knows or cares about me or my business – why would they attack ME?” Ah, a common misconception. You’re right – technically, the bad guys DON’T care about you, at least not specifically … but they’re not looking for YOU, they’re looking for ANYBODY. The bad guys create automated programs (“bots”) that crawl the Internet looking for machines with specific, unfixed security holes that they can exploit. These people are not stupid, but they are a bit lazy … they tend to target the easiest machines to attack – and your Windows XP machine is a sitting duck. When their bots find an exploitable machine, they might snoop around on it for something valuable, they might add it to their bot network, or they might just maliciously destroy it.

Did I make my point? I rarely use all-caps, but I needed to get your attention, because I sincerely don’t want anything bad to happen to you. And if you’re using Windows XP, something bad is going to happen to you.

So what do you do?

Technically, you might be able to upgrade your existing machine to Windows 7 or 8, but this is probably not a great idea – your Windows XP computers are almost certainly more than 5 years old, and it rarely pays to upgrade a computer that’s more than 3 years old – you’re better off just buying a new one. There are plenty of good places to buy computers. The top five manufacturers are Lenovo, HP, Dell, Acer, and ASUS, and they all make good machines. All but ASUS sell direct, and they all can be found at various retailers like BestBuy, Amazon, and sometimes your local computer shop. It’s a low-margin business, so terrible manufacturers don’t last long. Many smaller manufacturers and custom builders make good machines, too. For most of our customers, the quality of support you get from your supplier is more important than the bottom line price, so consider that when you purchase.

Some people aren’t crazy about Windows 8. If so, you can find manufacturers that will sell you a brand new machine with Windows 7 on it. Personally, I’m a fan of Windows 8, but I used to work for Microsoft, so I’m biased. If you are on Windows 8, you’ll probably be happier with it if you open the Store app and upgrade to Windows 8.1 (machines purchased in the last couple of months would have come with 8.1 already).

When you get a new machine, you might want to add shortcuts to Moraware on the desktop again.

Since Moraware’s software is web-based, it will work on any machine with a modern web browser, so newer Macs are also a fine choice. While our software will likely work on Chromebooks and Linux boxes, we don’t technically support those, because we can’t run our screensharing software (GoToMeeting) on them. Buyer beware with those options. We’re also going to stop supporting Windows XP – after all, it doesn’t make sense for us to support an operating system that Microsoft no longer does. If you’re running Chrome, we probably wouldn’t notice if you were on XP, but c’mon …

I hope I’ve scared you into eliminating Windows XP in your business. It might seem like a hassle, but are you really willing to put your business at risk of a serious web attack? Remember that a determined hacker is an adversary. Keeping them at bay is a never-ending contest, because hackers are constantly changing their tactics. There will never be a precaution that makes your computers “100% safe” – just as there’s no precaution that can make your home 100% safe. Still, you wouldn’t leave home with your front door wide open – if you stay on Windows XP, it’s just like leaving your front door open. So bite the bullet and FIX IT!!

7 thoughts on “Please, please, PLEASE stop running Windows XP”

    1. Patrick Foley Post author

      Wow – interesting twist. The specific end-of-support guidelines list Windows XP Embedded as January 12, 2016 (https://www.microsoft.com/windowsembedded/en-us/product-lifecycles.aspx) – so on its face, you have a bit longer before using an out-of-support operating system.

      More generally, my instinct is that embedded systems are more hardened to begin with and so are somewhat less likely to be attacked. That’s just my instinct though – I could be wrong. I would follow the guidelines from HP.

      Also an instinct, but if you are happy with thin clients, I would budget a specific, manageable replacement schedule for all machines and stick to it. The number that jumps to mind is to replace them every 5 years, but I would talk to someone more experienced with those kinds of systems – they might recommend a bit shorter or longer replacement cycle.

      I hope that helps – you probably don’t need to panic, but I would definitely speak with your IT director/consultant/salesperson and plan ahead.

  1. Pingback: Moraware Newsletter – March 2014

  2. Mike Gross

    All of my stone equipment runs Win XP or even Win 2000. Our stone routers that are the backbone to our business only support Win XP. These computers are connected to our network and the internet. The newest machine in our shop, built in 2013, came loaded with Win XP!!!

    Are you telling me the computers that run my routers and saws are going to be hacked?

    1. Patrick Foley Post author

      Unless they are running “Windows XP Embedded” then unfortunately, yes I am. Your computers are at extreme risk if they are exposed to the Internet and are running Windows XP or Windows 2000.

      I would suggest you contact your equipment manufacturer and ask how they intend to support an operating system that is no longer supported by its manufacturer – that’s just not good business. Windows 2000 is even worse. If a vendor still supported that, it would make me seriously question their business sense. Microsoft stopped supporting that years ago.

      To that, you might reasonably say, “hey, it hasn’t hurt me yet” … which reminds me of a conversation I had with my dad where I explained that you should never leave a can of gasoline with the cap open in an enclosed garage, because the vapors could ignite under the right circumstances. He said, “it hasn’t hurt me yet” … but how many times does it have to happen before you regret not putting the cap on?

      Leaving an unsupported, unpatched operating system in your network is a little like that can of gasoline. It might not hurt you for a month or 6 or 12 … but eventually it will, and that just doesn’t make sense to me.

      Luckily, my dad hasn’t blown himself up yet, but in my previous work, I have been engaged with customers who have been hacked, and it isn’t pretty. In my most recent personal experience, dealing with it occupied just about all of the company’s focus for at least 3 months. So I strongly recommend taking basic precautions, and upgrading XP machines is one of those basic precautions.

      Sorry to be the bearer of bad news. Contact me off this thread at patrick@moraware.com if you would like to discuss further.

  3. Pingback: Lessons from Heartbleed – time to change your passwords!

  4. Pingback: Time to upgrade old browsers | Moraware
