Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Windows XP end of life, 12 months to go.

Published: 2013-04-11
Last Updated: 2013-04-11 02:00:23 UTC
by Mark Hofman (Version: 1)
1 comment(s)

The Microsoft Security Response Center put up a little note reminding people that windows XP will be out of extended support in 12 months time (http://blogs.technet.com/b/msrc/archive/2013/04/09/out-with-the-old-in-with-the-april-2013-security-updates.aspx).  From April next year there will be no more security patches or updates to the operating system.  Reality teaches us that that many organisations will still have Windows XP running within their networks at that time.  So as security professionals we should probably put the risk of an unsupported operating system in the environment in the risk register. 

How big a problem will it be? That will depend on the issues that will no doubt be released in May 2014. With the XP install base still being quite large it is likely that there are vulnerabilities that people are sitting on and may not release until after Microsoft has stopped support.  So we should work on the assumption that:

  1. we wiill still have XP in the environment
  2. there are going to be vulnerabilities that exploit the OS. 

Some of the common techniques that we use today may help address the issue.  Application whitelisting should help protect the operating system, assuming the products will support XP going forwards. Network segmentation will help contain any issues in the environment.  But essentially we are going to have to look at the problem of having known compromised machines in the network that we may not be able to do much about. 

I've put up a poll asking "What are your plans when XP is no longer supported" feel free to provide additional comments in the poll or here. How will your organisation deal with this?

Mark H

Keywords:
1 comment(s)
Diary Archives