Paul Kenyon
February 12th, 2014

Microsoft extends limited security support for Windows XP – but is this enough?

Microsoft has announced that it will continue to provide updates to its anti-malware signatures and engine for Windows XP users until July 14th, 2015. But what does this really mean?

The end of support for the operating system as a whole is April 8th, 2014, and this extended security service isn’t enough to keep organizations secure.

Even though the anti-malware features will be maintained in updates for XP, it doesn’t mean organizations still running XP have been given a stay of execution. The updates that Microsoft is offering will provide minimal protection, and is not a substitute for migrating to Windows 7 or 8.

Many firms will already be using third-party products for their anti-malware protection, so it’s questionable whether anti-malware support actually makes any significant difference. Common feeling is that XP’s vulnerability is caused by its obsolete security design, being over 12 years old, and the fact it won’t benefit from ongoing OS updates, rather than its anti-malware capabilities.

The fact is that XP will be unsupported. For this reason, any business that hasn’t yet migrated must continue to put plans in place to move to newer and more secure operating system before April 8th, or as soon as possible thereafter.

Surprisingly, XP is still the second largest Microsoft OS, with its share of Windows desktops dropping just below 30% at the end of 2013 according to market research firm Netmarketshare.

Figure 1: Windows OS market share, 2013 (
Windows OS Market Share 2013

Over the last 12 months, we’ve seen a huge in increase in businesses talking to us about their Windows migration projects and how to overcome some of the challenges faced by IT teams managing the migration of hundreds or thousands of users from the old XP system to the newer Windows 7/8 platforms.

The “all or nothing” approach to admin and standard users and Microsoft’s UAC prompts has amplified the dilemma of high security vs. user lockdown. Of course, removing admin rights carte-blanche can cause extreme frustration, as users suddenly find themselves without access to applications they need to get on with their daily tasks.

But with the dangers of admin rights clear to see – especially in the wake of data breach incidents such as Edward Snowden and more recently, the retailer Target – organizations must find a way of managing their endpoint estates effectively – without impacting on user productivity.

Read more about how Avecto’s proactive endpoint security software, Defendpoint, uniquely combines the technologies of privilege management, application control and sandboxing to protect the operating system, software environment and user data from unknown cyber threats.

More from the Blog

Related technology and security insights

  • 28
  • Story related

    NotPetya ransomware: Attack analysis

    On June 27, 2017 a number of organisations across Europe began reporting significant system outages caused by a ransomware strain referred to as Petya. The ransomware is very similar to older Petya ransomware attacks from previous years, but the infection ...