A considerable number of users currently utilize Windows XP as their operating system of choice. However, Microsoft announced toward the end of last year that it will discontinue support of the system April 8, 2014. Workstations that continue to operate on the platform after this date will be at a high risk of data leakage, as this includes not releasing security patches.
According to Microsoft, this change comes as a way for the company to better utilize their resources, and increasingly invest in more recent technologies.
“[A]fter April 8, 2014, technical assistance for Windows XP will no longer be available, including automatic updates that help protect your PC,” Microsoft stated on the company blog. “If you continue to use Windows XP after support ends, your computer will still work but it might become more vulnerable to security risks and viruses.”
After this announcement, the organization went on to encourage users to migrate systems to another, more protected platform, by stating that devices utilizing Windows XP will be 66 percent more likely to be attacked, Computerworld reported. Trustworthy Computing group director Tim Rains said that after support ends, the attackers will have the upper hand over defenders.
“After April…when we release monthly security updates for support versions of Windows, attackers will try and reverse engineer them to identify vulnerabilities that also exist in Windows XP,” Rains said. “If they succeed, attackers will have the capabilities to develop and exploit code to take advantage of them.”
In this way, organizations that continue to run unpatched versions of the operating system will be at a much higher risk of data leakage through security vulnerabilities targeted through released security updates.
Furthermore, Tech Republic noted that this will create issues for groups that must remain compliant with industry regulations. For example, the Health Insurance Portability and Accountability Act requires the medical practitioners adequately protect sensitive patient information, including past and present services and payments. If these groups do not migrate to another operating system, their patient files are at a significant risk and they are directly noncompliant with HIPAA.