Microsoft officially ends support for Windows XP Service Pack 3 on April 8. April 9 might be the worst day of the year for you, if not your life. Here's why.
Security experts have been predicting that malware creators all over the world are finding exploits anywhere they can within the OS and holding on to them. They know if they unleash an exploit now, it will be fixed. But if they are patient and wait, and hope Microsoft doesn't find the vulnerability, then they can use it for maximum gain come April 9.
The same holds true for Office 2003. Support for it ends on April 15, one week later. Office 2003 is still in wide use because it is on older machines running XP, and also some people prefer it. I was one of them. I never liked the ribbon interface introduced with Office 2007, but I also saw the writing on the wall.
Without Microsoft to fill the holes, security will fall to the third-party players like Symantec, Kaspersky, ESET, etc., but they don't have access to the operating system. They can only patch, and really good malware can get around those fixes. We're talking some very determined criminals here.
Estimates of how much XP will be left come April vary widely, from 20% to 33%. One thing is for sure - many of these systems will be compromised and become spambots, pumping out spam messages or becoming command-and-control servers for malware that control the spambots.
Microsoft has moved the expiration date for XP multiple times and is dead set against doing it again. After all, it costs money to keep supporting an obsolete OS. However, there is an outside chance that XP might gain a reprieve thanks to China.
Microsoft is facing pressure from China's government to keep support going, and with good reason. Almost 60% of Chinese PCs are running XP, while just 36% are running Windows 7 and almost none use Windows 8, despite Microsoft cutting the price to $49.
The deputy director of China’s National Copyright Administration was quoted in a national publication as saying the shutdown of Windows XP support could lead to more security threats and increased use of pirated software. "These practices affect the smooth operations of genuine software in China."
Microsoft has made exceptions for China before. While the rest of the world has been moved off MSN Messenger in favor of Skype, Microsoft lets MSN continue to run in China. That's just too big of a market to ignore or anger, given their proclivity to just pirate software.
But that's China, and that's a long shot. Even if you are 100% Windows 7/8 in your enterprise, April 9 could still be a dreadful day. First, because Microsoft reuses so much code, exploits found in one OS tend to show up in all of them. So, many of the zero-day exploits being sat on right now might also impact Windows 7/8 machines.
Second, while your PCs might be secured, what's going to happen when millions of new machines are taken over and become part of botnets? Spam volume will undoubtedly increase, as will attacks. So don't think you can blithely go through the day in early April because you banished XP from your firm. You will feel some kind of ripples, one way or another.