Sophos’ Paul Ducklin warns that Windows XP users could become part of spam campaigns

Feb 5, 2014 04:18 GMT  ·  By

Windows XP will be officially discontinued on April 8, but more than 29 percent of the users are still running it right now, which is quite living proof that the transition to another OS won’t be completed in time.

And still, Microsoft and security experts across the world warn that sticking to XP is very dangerous, especially because cybercriminals could use Windows XP machines to expand their spam networks, as no security patches and updates would be delivered.

“If you keep using XP as your general operating system after the cut-off, you won't get security fixes, which of course means you are more likely to get owned and infected with malware. This means you could unintentionally become part of the spam problem,” Paul Ducklin, senior security analyst at Sophos, told V3 in an interview.

“I don't want to 100 percent say this is inevitable, but it is certainly a very real possibility. The lack of support is going to make XP users harder to defend and crooks know it. Think about when Microsoft issues its first series of patches for Windows 7 and Windows 8 after XP support ends. In this situation a patch for Windows 7 could very well point criminals to the magic hole in Windows XP.”

Windows XP is at this point the second top OS worldwide, but Microsoft still hopes that it would be able to cut its market share down to 13 percent by the time the retirement date comes.

The company has already announced that while Security Essentials would continue to receive updates on Windows XP until mid-2015, no new installations would be allowed on Windows XP once end of support comes, in an attempt to show users that the security risks of staying with this OS version are too big.