Tuesday, August 20, 2013

Microsoft Windows XP Upgrade or Risk Infinite “Zero-Days”

Update Software - Microsoft Windows XP
Image Credit: Computer Weekly
For everyone who is using Microsoft Windows XP, you may want to abort the program.  The 12-year-old operating system will no longer have support by next April. You need to upgrade your  Microsoft Windows XP or risk infinite “zero-days”.
Tim Rains, director of Microsoft Trustworthy Computing, posted a blog last week reminding customers of the risk they would be taking if they continued to run Windows XP.  All users are urgently asked to upgrade to Windows 7 or 8.
April 8, 2014, Windows XP will have a Service Pack 3 (SP3) stating that customers will no longer receive secuity news updates.  Also, non-security hotfixes, free or paid assisted support options and online technical content updates will no longer be available.
When Microsoft ends support for Windows XP, it will probably be vulnerable to outdated Windows versions.  So attackers and spammers will have free reign on XP endpoints.  With that said, Windows XP will have a ‘zero day‘ susceptibility forever.
With knowledge of zero-day, you will never know if you can trust the computing base system you are on.  Attackers know about this vulnerability and are well aware of the compromised situation.  You must stay ahead of the game, and protect yourself.

Who’s In?

According to a study handled by VMware, 64 percent of enterprise-size companies have not migrated to Microsoft Windows XP.  52 percent of midsize firms and 61 percent of SMBs are also at risk.
“Common challenges such as end-user-downtime, data loss, migration failures and effort to upgrade remote employees can all be avoided if you plan ahead, “wrote Sarah Semple, VMware’s director of product marketing.
Many companies haven’t switched over because of the cost of the implementation.  It is estimated that, based on a 10,000-PC environment, the expense of migration is between $1,205 and $1,999 per machine.  That is a lot of money, but if you look at the risk your company is susceptible of , it is very much worth it.

The Flaws

Microsoft also has 33 other flaws aside from the zero-day vulnerability.  The software giant issued seven bulletins in early July, six of those were rated “critical”.  The flaws urgency to be fixed in Microsoft Office, Internet Explorer, DirectShow, .NET, and Silverlight are targeted.  Remote attackers will gain access of discerning systems and files.
One of the flaws reported, had Metasploit module created and alows an attacker to elevate system privileges.

Trash Microsoft Windows XP System

A Windows True Type Font parsing vulnerability that appears in three independent bulletins is also concerning, because it is found in an assortment of Microsoft products. – Technical Manager of Security Research and Development Group at Tripwire.
Microsoft revealed a new policy that requires developers to create apps for the Windows Store, Windows Phone Store, Office Store, and Azure Marketplace to fix any security vulnerabilities within a definitive time frame.  This policy demands developers to fix these security issues within six months.  The company declared the right to remove an app from any store that is being targeted or if it exceeds the six month brink.
So tell your friends and co-workers, get rid of Microsoft Windows XP before you put yourself at risk of an unnecessary attack.

Microsoft: Upgrade from Windows XP or risk infinite “zero-days” – SCMagazine
August 19, 2013
Microsoft Patches Windows Zero-Day Flaw, Serious TrueType Error – CRN News

Don’t miss out on the latest tech news and computer security alerts! Follow us on Twitter at @hyphenet,  “Like” us on Facebook or add us to your circle on Google+.

No comments:

Post a Comment