I have a personal laptop that I was going to leave on XP but the more I read about the potential problems, the more I am looking at upgrading to Windows 7. The link below will take you to the Windows Upgrade Advisor. Download and run the Windows Upgrade Advisor to see if your PC is ready for Windows 7. It scans your hardware, devices, and installed programs for known compatibility issues, gives you guidance on how to resolve potential issues found, and recommends what to do before you upgrade.
If your PC is not up-gradable, now is a great time to look at a new PC. The upcoming holiday shopping season always brings some great deals on technology. Give Synergy a call and we would be glad to help you with your purchase and get your data loaded on a new PC!
Microsoft Security Research Paints Bleak Picture for XP Users
Summary: The latest security threat report from Microsoft shows the outlook for Windows XP users is getting grimmer. Things are bad, getting worse, and in six months the trouble really starts.
By Larry Seltzer for Zero Day |
The 15th and latest of Microsoft’s Security Intelligence Report (SIRv15) has been released. We spoke with Tim Rains, Director, Trustworthy Computing at Microsoft about the results.
There are a lot of periodic threat reports from companies in the security business, but Microsoft’s report is based on an probably the broadest set of data in the industry: they gather information from over 100 countries; more than 1 billion systems which use Windows Update, the Malicious Software Removal Tool (MSRT) and Microsoft’s free Security Essentials program; more than 400 million Outlook.com accounts and millions of Office 365 accounts; and from the billions of web pages scanned every day by Bing.
Though there is other data in the report, Rains chose to focus this month on the situation as it relates to Windows XP users. Citing third party data, he said that 21% of users are still running Windows XP, which will reach end of life in April 2014, after which no security updates will be issued for it.
As we have noted before, once the last Windows XP patch is issued (likely on April 8, 2014), unpatched vulnerabilities will begin to emerge. Some will have been saved by attackers for the time when there will no longer be a chance for it to be patched. Rains brought up another likely scenario: In subsequent Patch Tuesdays, Microsoft will patch vulnerabilities in Vista and later versions of Windows. Malicious researchers will reverse-engineer these updates, test to see if they affect Windows XP (most will), and write exploits for them targeting XP.
Even before all this happens, the vulnerability situation for XP users is bad compared to later versions of Windows. In the chart below we see two measures, based on data from the MSRT Software Essentials and a few other Microsoft sources: on the left is the number of computers infected with malware, and therefore cleaned of it. On the right is the percentage of systems that encounter or block malware.
Windows XP users are many more times as likely as Windows 8 users to be infected by malware- source: Microsoft
There is some variability in the Encounter Rate, but all four Windows versions are fairly close to one another. The infection rate, on the other hand, clearly shows that Windows systems have gotten more resistant to attack over time. At the extreme, Windows XP users are almost six times more likely to become infected with malware as Windows 8 users. Globally, 17% of systems encounter malware.
Why are Windows XP users more vulnerable now? Because Microsoft has steadily incorporated defensive technologies into Windows with each new version. The only major technology XP had was Data Execution Prevention (DEP), and even the implementation of that has improved greatly in subsequent versions. As this next chart shows, the number of disclosed vulnerabilities which bypass DEP in Windows XP has steadily increased over the last few years.
The number of CVEs for which exploits were written that could have been mitigated by enabling DEP as compared to the number of CVEs that had exploits that bypassed DEP. (source: Microsoft)
Windows Vista, Windows 7 and Windows 8 all introduce new technologies that may block exploits that would get past DEP.