XPocalypse later?

English: This is a photo of a room full of com...

(Photo credit: Wikipedia)

Well it’s two months after the so called XPocalypse; the terrible wave of exploits that security experts predicted devastate the ancient operating system and I’m busy washing the remains of the egg off my face!

No sign of World-wide XP-specific attacks even though Microsoft were one of the first to shout in October 2013, when Tim Rains, director of Microsoft’s Trustworthy Computing group, cited statistics from the firm’s own telemetry to suggest that post-retirement Windows XP malware infection rates could jump dramatically.

But what did we get… zip, nada, zilch and a fair bit of egg on my face not to mention soem suspicions about talking many of my clients into dumping their tried and trusted old OS friend for it’s newer brother.

Last month a hack duped Windows Update into serving Windows XP systems with patches, but patches were from Windows Embedded POSReady 2009. That version, admittedly based on Windows XP SP3, was designed for point-of-sale systems, particularly cash registers, and automated teller machines. “Of course they say it is a bad idea to use the hack, they want people to move to Windows 8 and later Windows 9,” chimed in a reader identified only as “nilst2011” in a comment appended to the Computerworld news story.

But perhaps the good news, depending on your point of view, is that a zero day exploit for XP is not likely to target your ancient dual-core but be developed for a specific purpose and the available market of high-value Windows XP targets is dropping with every month, in short Cornficker 2 is probably not going to happen. In the last 12 months, XP has dropped 12.5% losing 33% it’s share as of May 2013, according to analytics firm Net Applications. If Windows XP continues to lose user share at its current tempo, it will be powering less than 10% all personal computers a year from now.

Meanwhile, despite the yolk being on me I’ll continue to recommend that users either install Windows 7 or 8 or buy a new machine. In the long run, I know it makes sense, in the short run, I hope my clients do as well.


Xpocalypse Now?


Windows XP

Windows XP (Photo credit: Wikipedia)

It’s past April 10th 2014 so I’m assuming you have all upgraded your PCs from XP to, well practically anything really!


OK, well you’re not the only one, leaving aside the corporations willing to £150 per machine per year for continued XP support (and probably only critical updates) if you still have XP what should you do now.

Emergency Check List
1. Start thinking about an upgrade, the longer you leave it, the more painful the upgrade will be…
2. Check to see your you are up to date on the pre-April updates.
3. Stop using Internet Explorer now, it’s linked to the Windows system and will be vulnerable followed by more vulnerable in the coming months. Choose Firefox or Chrome or Opera as your main browser. Install it today!
4. Stop using Office 2003 if you have it switch to 2007

If you have simple Word Processing and Spreadsheet needs, consider Outlook.com the MS email system comes with free cut down online copies of their Word and Excel applications.

5. Stop using Outlook Express – you should have done that years ago anyway. Invest in a copy of Outlook 2007 or later.

Update everything else, Java, Flash etc but check Java first if you don’t need it, uninstall it it’s a security vulnerability.

Basically, if you elect to stay with XP you are in the warzone, depending on what the hackers and malware exporters do next, you will either have no problem at one end of the spectrum or be the source of viruses and malware to thousands of other machines at the other.

No really knows the full extent of the problem, but the advice from the experts is that Microsoft have given you no real choice but to dump XP in favour of something else. I’ll talk about the options in another post soon.

XP Migration – don’t get left behind


XP migration need not be a nightmare!

I was asked a question on Monday that I hoped I would not hear it was “This XP thing, if we do nothing, what will really happen?”

This was a question from the person in charge of IT at my “day job” like a lot of small companies her role includes a lot more than just IT and often as not it was the IT that tended to get shunted to the end of the list. With my professional hat on and because I was a company user, I had hoped that my lectures on the need to move from XP to something more modern (delivered since Autumn of 2013) had not fallen on deaf ears but guessed that time and money both the enemies of our business had once again worked their evil spell and the chances of anything changing before 8th April 2014 was now remote.

The experts are fairly clear on this and according to them it is likely XP will be targeted by hackers support ends. But my overworked colleague is not the only one wondering if she can get away with doing nothing at all! It is estimated that as many as 30 per cent of firms have not upgraded from XP which begs the question why?

1. Cost: aside from the investment in new machines, there is also the time and money to do the upgrade. The company I work for uses an IT firm and one can guess that they will be looking for many thousands of pounds to do the work. But this needs to be set against the dangers of the loss of private data which could incur fines and the loss of productivity since a single compromised machine could bring the entire network of a business to a halt. It was mentioned that since my firm is small and unimportant they were unlikely to be targeted, a comment which simply proves the need for IT experts in all businesses! An upgrade to Windows 8 now could save thousand in the medium to long term.

2. Time: Many businesses are concerned about the time it will take to migrate to another operating system; it can take larger firms up to 30 months. Small firms can install and migrate in a fairly short space of time. I estimate the 100 or so machines we would only need 300-350 hours of install and migration time and with a server install this time could be reduced still further. Once you have completed the upgrade the time savings will be huge.

3. Training: I hear this one a lot, my own company is concerned that staff won’t adapt to the new operating system and while this may be true for some staff, many will already have Windows 7 or 8 in their homes and be used to using Android or IOS systems on their mobile devices. Often concerns like these will be more about the issues of senior management who are occasional users compared to their staff who will adapt easily. Which lead us neatly to the last item…
4. Fear of the new: Many businesses stick with XP simply because they are used to it and believe their staff are the same. They’ll trot out hardware excuses and concerns about some older application, but XP is more than a decade old and feeling its age. Even if it continued to be supported by Microsoft it is losing ground to its younger siblings and companies need to think that poor performance means poor productivity. In business outputs are all so it always surprises me that SME will often tolerate IT that would be more suited to an episode of “Flog It!” even though it costs them money they don’t have!

The message is clear, fail to upgrade at your own risk, you could be fine (for a while) or you could see your entire network corrupted. The danger is real and any reasonable prediction sees would be hackers trying out any and all vulnerabilties – simple because they can!

As for my lot in the day job, well I would not be surprised if they are not calling for the PCBloke in the very near future!