14 DAY TRIAL // Windows XP will soon reach end of support, so Microsoft, together with partners and authorities across the world strive to show users the risks of staying on this particular platform after retirement.
The data security unit of UK surveillance agency GCHQ says in a new paper that all users are strongly recommended to “migrate away from obsolete software,” while also providing new instructions on how to make sure that no data is exposed due to Windows XP.
“It is strongly recommended that all organisations using Windows XP, Office 2003, Windows Server 2003, Exchange 2003 and Sharepoint 2003 should upgrade to supported software before their respective ‘end of support’ dates. After these dates there will be no security patches published for these products,” the documents read.
“The upgrade of high risk end user devices should be prioritised. These include devices used for corporate remote access, as they will be subject to greater physical threat and be more susceptible to network-borne attacks. Devices that can access more sensitive information or services, including personal data, should also be prioritised.”
An interesting piece of advice concerns corporate networks, with the paper clearly explaining that remote workers running Windows XP should no longer be allowed to connect to servers online.
Such a remote connection exposes the computer and the network, it’s explained, so removing remote access from Windows XP devices is the best way to prevent any potential attacks.
“Some remote access solutions include end user device posture checks on incoming connections. It may be possible for those posture checks to enforce that no Windows XP devices can be used to remotely access corporate systems,” the UK organization notes.
“This will reduce the risk of the enterprise network being exposed to a compromised unpatched device. This control would only help protect the enterprise network from attack as it does not protect any data stored or cached on a Windows XP device.”