
Microsoft May End Antivirus Updates for Windows XP Too

Source: ZDNet

A spokesperson for Microsoft told ZDNet that the company will not guarantee updates of its antimalware signature and engine after the Windows XP end of support date of April 8, 2014. The news arrives after Tim Rains, Director of Trustworthy Computing at Microsoft, explained why Windows XP and Office 2003 users will be left so vulnerable to attackers.

"Running antivirus on out of support operating systems is not an adequate solution to help protect against threats," the rep told ZDNet on Monday. "Running a well-protected solution starts with using modern software and hardware designed to help protect against today’s threat landscape."

"In addition, Microsoft recommends best practices to protect your PC such as: 1) running up to date antivirus, 2) regularly applying security updates for all software installed, and 3) using modern software that has advanced security technologies and is supported with regular security updates," the rep added.

Last week Rains said that Windows XP users are more vulnerable now than they were years ago because the company has steadily incorporated defensive technologies into Windows with each new version. According to the report, the only major defensive technology Windows XP has is Data Execution Prevention, or DEP, which was improved in subsequent versions.

In a chart provided by Microsoft, the number of Common Vulnerabilities and Exposures (CVEs) mitigated by Windows XP's built-in DEP was finally surpassed in 2011 by the number of CVEs that could bypass XP's baked-in protection; by 2012, the number of bypassing CVEs appears to have doubled. Now imagine the number for 2013 and beyond, as unpatched vulnerabilities will begin to emerge after April 8, 2014, some of which will have been saved by hackers to use after the death of Windows XP.

Rains also points out that Microsoft will patch vulnerabilities in Windows Vista and above, but "malicious" researchers will likely reverse engineer these updates, test to see if they affect Windows XP -- which most of them will, according to the report -- and write exploits for those vulnerabilities, targeting the older Windows XP platform.

Individuals and companies holding off on upgrading from Windows XP may want to reconsider, especially if they're handling private, sensitive data. This isn't a sales pitch, but more of a plea to move away from the dying platform to at least Windows 7, a sleeker and safer platform using newer technologies that help protect your sensitive information better than Windows XP.


Discuss
  • 4 Hide
    lp231 , November 4, 2013 7:08 PM
    XP is old, but there are other free ones like AVG and Avast
  • 0 Hide
    jerm1027 , November 4, 2013 7:41 PM
    Quote:
    XP is old, but there are other free ones like AVG and Avast


    As much as I'm skeptical of anything those folks have to say, they make a point. If you bothered reading the article, you'd know that one of the first things said was anti-virus wasn't enough. There are inherent vulnerabilities within the OS itself that, presumably, anti-virus can't protect against. Windows XP really doesn't have any built-in security outside of DEP, and that dated version can only do so much.
    Quote:
    In a chart provided by Microsoft, the number of Common Vulnerabilities and Exposures (CVEs) mitigated by Windows XP's built-in DEP were finally surpassed by the CVEs that could bypass XP's baked in protection in 2011; by 2012, that bypassing number of CVEs appear to have doubled. Now imagine the number for 2013 and beyond, as unpatched vulnerabilities will begin to emerge after April 8, 2014, some of which will have been saved by hackers to use after the death of Windows XP.
  • 3 Hide
    fleakiller , November 4, 2013 8:14 PM
    And what sucks for me on my work computer is that most crane and engine manufacturers' software only works on XP.
  • 2 Hide
    Darkk , November 4, 2013 8:47 PM
    @fleakiller - It's not really an issue as long as those PCs don't connect to the internet. It'll run perfectly fine for several more years until the new version of the software requires a newer version of the OS to run it.
  • 2 Hide
    s997863 , November 4, 2013 9:20 PM
    "Running antivirus on out of support operating systems is not an adequate solution to help protect against threats,"
    In my experience back when WinXP was new, browsing the internet without ANY protection on Win98 caused no ill effects whatsoever, but using IE on XP without a firewall immediately started messing up your machine with worms/trojans even if you were just browsing only. So it's quite the opposite. Apparently, if it's not popular (not many users), it's much less likely to be targeted.
    As for Antivirus: never ever used any antivirus in my life, and never had any problems. Just use common sense:
    1. don't download/run/install untrusted programs.
    2. keep hidden-files & system-files view always ON in folder options.
    3. disable autoplay for all USB/cd drives. Never use autoplay ... ever.
    4. keep "file extensions" view ON always. (so you can see image.jpg.exe for what it really is)
    5. delete the hidden folder containing the weird EXEs in the flash drive someone just gave you.
    6. do the opposite of whatever MS reps say.
  • 0 Hide
    taz-nz , November 4, 2013 10:32 PM
    @Darkk - That's only true if you also:

    - Remove the optical drive and other removable media drives.
    - Remove any wireless or bluetooth adapters.
    - Block up the network port.
    - Remove any peripherals that have their own data inputs, multifunction printers, flash card readers etc.
    - Block up all the USB ports, unless they are needed for keyboard or mouse, in which case super glue those devices into the ports.
    - Block up any other port such as FireWire or Thunderbolt.
    - Tack weld the case shut.

    Then maybe the computer will be safe for the next couple of years, of course it will be impossible to get data on or off the computer, other than manually entering it or printing it out, there will also be no way to backup, but hey it will be safe, as long as the hard drive doesn't fail.

    Air Gapping a PC only works if you have total control over what is connected to it at all times. I can't count the number of PCs I've seen totally owned by a virus, because someone thought because it wasn't on the network it was safe. But of course they wanted to get files on or off the PC using a flash drive, or they wanted that one file off the backup media over the long weekend, so they opened it on their home PC, or someone needed a convenient USB port to charge their smartphone. Then it's as helpless as the Indians were to smallpox.

    In the typical work environment an Air Gapped computer is a lamb to the slaughter, an internet connected computer with a modern OS, antivirus, and the ability to keep itself up to date, has a hell of a lot better chance of staying virus free.

  • 2 Hide
    somebodyspecial , November 4, 2013 11:40 PM
    ROFL. Get comodo internet security (firewall/av/sandbox etc included) etc...FREE, better than MS already. Voilà...Problem solved. Combo this with THREATFIRE (again free) and you're good to go. I do this on Win7 and I don't run around on just "regular" websites...ROFL. You can get system restore type apps better than built in also free. At one point I had XP on a machine that hadn't been updated for 2+ years with windows updates (just as a test project) which never had issues. The combo above kept anything bad from happening even knowing gaping holes were in my OS/Office 2007 (had that on at the time, also out of date for 2yrs). I'm in IT so we do some crazy crap like that at home...LOL. I've tested other AV/Firewalls also but ended on this combo since the family likes it and has less issues it seems (nobody liked kaspersky...Wasted money for 3 houses on that stuff, turned it off in weeks...LOL). I used to really like ZoneAlarm but that ended ages ago for various reasons (and cost). Everyone is now used to how to sandbox stuff etc in comodo so I don't see us paying anyone for a while and threatfire pretty much just works silently with a popup once every few months trying to get you to upgrade to their product (one click it's over).

    Don't panic people, just get some good free tools that are highly rated by cnet, pcmag etc or grab what I named above.
  • 1 Hide
    h0llow , November 4, 2013 11:59 PM
    easy thing to do.. don't do anything stupid online.. get some good AV + antispyware.. good enough.. get a lot of issues still? well.. spend the money and get a new pc or os.. running a 10-13 yrs old pc is pretty slow compared to new stuff anyways USUALLY according to all my computer clients stubborn to get rid of their pc or buys a 13 year old machine used. not to be prideful or anything but i've also never needed any sort of AV software and extremely rare that i get anything bad.
  • 1 Hide
    danwat1234 , November 5, 2013 1:53 AM
    You don't need to upgrade from XP, just use a good security suite and common sense.
  • 2 Hide
    digiex , November 5, 2013 2:27 AM
    Enough of these scare tactics on XP, I'm really very scared at this moment, Ok, ok, I'll switch,...

    ...to Linux
  • 0 Hide
    back_by_demand , November 5, 2013 4:25 AM
    So MS drops support for a 12 year old OS that has since had 3 OS replacements - but

    http://www.tomsguide.com/us/apple-mavericks-security-update,news-17819.html

    Apple does it for OS versions older than a month?
  • 0 Hide
    vibol03 , November 5, 2013 6:29 AM
    Windows Defender is crap
  • 0 Hide
    stevejnb , November 5, 2013 7:57 AM
    While I completely understand why a lot of businesses have stuck with XP and why some people still like it, with how fast the technology world moves, being upset that a 12 year old OS is losing official support is a bit ridiculous. I can count the number of programs - outside of games - that are 12 years old that still get frequent use on one hand. The writing is on the wall, there is no secret about whether or not this is happening, so businesses are going to have to start considering changing OS's a necessary hassle/cost if they want continued support for the software.
  • 0 Hide
    Pherule , November 5, 2013 8:00 AM
    I hope any remaining XP users are using some form of HIPS defense, as an antivirus alone is not enough. I recommend Online Armor.
  • 0 Hide
    sykozis , November 5, 2013 9:36 AM
    @Somebodyspecial - Threatfire is a very poor solution. It hasn't been updated in 4 years and was easy to bypass before. Support for Threatfire ended when Symantec bought PC Doctor (which no longer exists). So, you're recommending an antivirus solution that has failed all but 1 VB100 certification (April 2011) in its history while only being ICSALabs certified for Win7 32bit....alongside an antivirus application that is completely unsupported (and otherwise, useless). Honestly, VB100 is the easiest certification for any antivirus solution to obtain as it uses "known in the wild" virus samples that are openly available to all antivirus vendors. To fail such an easy test, only proves the antivirus solution to be ineffective. To this point, Comodo has refused to have their software tested by AV-Comparatives, which tells most of us that even Comodo has no faith in their own product.
  • 0 Hide
    hannibal , November 5, 2013 12:22 PM
    The problem is that you don't have to do anything stupid on the internet and still get problems when using XP! The only solution is not to allow any internet activity with XP machines!
    I am using Win XP at this moment and using a state of the art firewall and virus detection program, but still am going to upgrade next spring to some other OS.
  • 0 Hide
    Ishkrish , November 5, 2013 3:28 PM
    Laughing at the articles this past 2 weeks being pushed to try and get people to drop Windows XP. Although all this information is valid and true, no one on windows xp cares.

    Looking forward to escalating warnings from Microsoft, such as: Windows XP can cause cancer due to lack of support etc