How to minimize security risks with Windows XP

If you’re a Windows XP user, then yesterday (April 8) was the death knell for your operating system. Widely touted as Microsoft’s most successful and long-running operating system, support for it official ceased on that date.

Rarely has a technological product lasted as long as XP — from its launch on October 25, 2001 to its last Patch Tuesday this April 8, a total of 12 years, 5 months, and 2 weeks would have passed.

One would have thought that many folks would have migrated to newer OSes but a recent report by StatCounter revealed that almost one in five PCs is still running on Windows XP. As it is, he end of support for Windows XP simply means two things: newly discovered vulnerabilities in Windows XP will no longer be patched, nor will they be documented and acknowledged by Microsoft. So is this the end of the game?

“This represents a huge increase in the risk of using Windows XP. Over time, more vulnerabilities and issues would be found and exploited inevitably.” says David Siah, Country Manager, Trend Micro Singapore.

“While it can be said that the ever-decreasing number of Windows XP users may make it less worthwhile for cybercriminals to create exploits for an ageing operating system, it still exposes an opportunity to hack into it and steal information.”

Businesses which are still running Windows XP will eventually make the transition due to these risks but may not be fast enough. And there will also inevitably be cases where it is necessary to keep Windows XP going due to legacy issues.

So what are some steps and strategies that businesses can adopt if they do need to keep on running Windows XP?

Virtual patching and vulnerability shielding can be used to better manage the risks of legacy software and lower the administrative cost for companies, according to Siah. Such products scan and inspect network traffic before they reach the user’s applications, and provide an opportunity for servers and endpoints to be protected from vulnerabilities.

Another strategy would be in strengthening the endpoints with the use of supported security software. Finally, locking down these legacy systems completely may be even more appropriate, as it prevents unwanted and unknown applications and processes from running, thus reducing the risk of exploitation.