April 8, 2014 is the date when no one is supposed to be using Windows XP anymore, as Microsoft would officially retire the operating system and push everyone to newer platforms.The problem for Redmond is that users don’t really seem to care about all its security warnings and more than 30 percent of them are still running Windows XP right now.
Microsoft, on the other hand, goes on with its kill Windows campaign, this time using a statement supposed to bring in the spotlight the security risks of staying on XP beyond April.
Microsoft spokesperson Holly Stewart told ThreatPost that the company patched a total of 30 zero-day vulnerabilities this year, so without patches, there would have been 30 ways to exploit your operating system.
“From a security perspective, this is a really important milestone,” Stewart said. “Attackers will start to have a greater advantage over defenders. There were 30 security bulletins for XP this year, which means there would have been 30 zero-day vulnerabilities on XP [without support].”
Stewart has also explained that Windows XP is easier to hack because it’s based on older technologies, so cybercriminals already have the necessary know-how to break into machines still running this particular operating system. And without patches, everything is getting much worse.
“Older software is easier to break into and over time, cybercriminals learn how to bypass mitigations,” Stewart explained. “XP is no different. A good example is DEP (Data Execution Prevention) which was not commonly bypassed when it was released. The utility of that mitigation has degraded year over year.”
Of course, Microsoft expects all Windows XP users to move to either Windows 8 or Windows 8.1, but it turns out that the number one destination remains Windows 7. At this point, Windows 7 is powering more than 45 percent of computers worldwide, and the market share is very likely to grow bigger as we get closer to XP’s end of support date.