SAN FRANCISCO (AFP) ― People clinging to Microsoft‘s aging Windows XP operating system will be left to fend off cyber criminals by themselves come Tuesday.
On April 8, the U.S. software colossus will stop patching newly found security holes in Windows XP code that hackers could exploit to slip into computers.
Despite Microsoft’s long-heralded plan to stop “supporting” the nearly 13-year-old operating system, it still powers from 20 to 30 percent of Windows machines around the world, according to industry estimates.
“I am sure you have everything from police departments to banks to legal offices to restaurants,” Trustwave director Christopher Pogue said while discussing the extent to which Windows XP is still used.
“Think of a business and they probably run XP; I would say everyone is in equal danger.”
U.S.-based Trustwave specializes in helping businesses fight cyber crime.
Microsoft support entails regular security updates, but when it stops issuing patches to defend against freshly revealed hacker tactics aimed at XP, those using the operating system will need to enlist their own software wizards or live with mounting threats.
Hackers might already know of new ways to break into XP-powered computers but be waiting until after Tuesday to attack because Microsoft will no longer step in to thwart them, security experts say.
“You are talking literally millions of computers systems that will cease to receive regular security updates,” Pogue said.
“That is obviously causing a panic because of new vulnerabilities that will be introduced.”
Microsoft has released several generations of Windows since XP made its debut in 2001.
The most recent version is Windows 8, tailored for a world enamored of touch-screen computers and services hosted in the Internet “cloud.”
Given the rapid evolution of computer hardware and the short lifespans of devices, newer computers bought by consumers are likely running newer versions of Windows.
Of concern, though, are small businesses that stuck with XP because they have grown accustomed to it and it gets the job done.
Sectors thought to be more prone to holding on to XP include those with relatively unsophisticated computing needs along with emerging markets or schools where money is tight.
Particular worry is being expressed for automated teller machines, many of which are reported to rely on Windows XP.
ATMs could become vulnerable to hacking, particularly independent machines in small shops or bars that aren‘t owned by banks which are more likely to invest in software security, according to Gartner analyst Michael Silver.
“In a lot of cases, it is that Windows XP is good enough and people didn’t see the business value to spending money to upgrade,” Silver said of businesses hanging on to XP as new versions of Windows came and went.
“It is a risky attitude, given what issues they could have. These folks knew this was coming, too.”
The pain of “migrating” to new operating systems includes making sure software programs depended on by businesses will continue to work. Computers running Windows XP cannot easily be upgraded to the newest Windows version, and that means the users would need to buy new machines.
While Microsoft stands to benefit through sales of new devices using Windows 8, organizations resigned to the aggravation of system changes could be open to considering what rivals such as Apple or Google have to offer.
“The risk for Microsoft is that people will migrate to somewhere else,” said analyst Rob Enderle of Enderle Group in Silicon Valley.
“They should have never allowed it to get this bad.”
The global estimate of the number of XP-powered computers may likely be skewed by the China market, where there is widespread use of pirated versions of the Microsoft software, according to a post by computer protection analyst Graham Cluley at WeLiveSecurity.com.
Given that Windows software powers more than 90 percent of the world‘s computers, even a small percentage of machines running XP in any country could translate to high numbers.
Computers running XP will make the Internet a more dangerous place for everyone since hackers can launch cyber attacks from infected machines or valuable information about customers from businesses, Cluley argued.