The never-ending Zero Day: Microsoft shuts down antimalware support for Windows XP users

Today is the day that leaves hundreds of millions of users exposed to malware attacks.

The reason?

Microsoft officially ended the support of its antimalware solutions for Windows XP users, namely the Malicious Software Removal Tool and updates for Microsoft Security Essentials.

Here’s a statement published on the official Microsoft website:

The Malicious Software Removal Tool and updates to Microsoft Security Essentials will continue to be provided for Windows XP through July 14, 2015.

By making these antimalware tools obsolete for lack of support and updates, Windows XP users will become more susceptible to persistent malware attacks.

Starting today, Windows XP systems won’t be provided with updates antimalware signatures that are used to find and remove known malware families.

In April 2015, around 250 million users still had Windows XP installed on their PCs. The latest figures for June-July 2015 tell us that around 12% of Windows users chose to stick with their XP operating system, which would amount to approximately 180 million users – a statistic that should not be ignored!

Source: Net Market Share.

Source: StatCounter

Moreover, April 2014 marked the end of extended support for Windows XP. Here’s what it means for the users who still choose to stick with this OS:

If you continue to use Windows XP now that support has ended, your computer will still work but it might become more vulnerable to security risks and viruses. Internet Explorer 8 is also no longer supported, so if your Windows XP PC is connected to the Internet and you use Internet Explorer 8 to surf the web, you might be exposing your PC to additional threats. Also, as more software and hardware manufacturers continue to optimize for more recent versions of Windows, you can expect to encounter more apps and devices that do not work with Windows XP.

 

Software that no longer offers support for Windows XP users

Naturally, Microsoft isn’t the only one cutting support for different Windows XP features and letting the 14 years old operating system to die a slow death.

Oracle also ended Java support for Windows XP starting July 2015. Updates for Java are no longer compatible with XP, also causing Java 7 and Java 8 browser plugins to fail to execute on Windows XP PCs.

Of course, this will cause massive security holes to appear in Java software used on Windows XP, as Java was the third most exploited application in 2014. Cyber criminals already know that Java is notorious for its vulnerabilities and they never fail to exploit it for malicious purposes.

Source: TrustWave 2015

Consequently, XP users will be vulnerable to notorious exploit kits, such as RIG, Nuclear, Angler, Fiesta or Magnitude.

For example, in 2015 alone, we have blocked 623 unsafe websites for Windows XP users in 22330 different occasions. Here are the top 10 potentially harmful destinations that our XP users tried to access:

pixel.adsafeprotected.com
ad.yieldmanager.com
logmeincdn.http.internapcdn.net
segment-pixel.invitemedia.com
angsrvr.r.worldssl.net
api.yontoo.com
flow.backupgrid.net
fw.adsafeprotected.com
uk-ads.openx.net
i.n.jwpltx.com

These websites accounted for 60% of all high-risk websites that Windows XP users were protected from since January 2015 until the present moment.

Moreover, since the beginning of this year, we have also released 18223 patches for 16 applications that our Windows XP users employed. The most problematic software applications, which required 67% of all applied patches, are the following:

It may come as no surprise that the Adobe Flash plugin requires the most attention, as we’ve depicted Flash’s security issues in a dedicated post, which we’re updating with every new critical Zero Day vulnerability. That seems now to be a weekly occurrence.

What’s more, Tim Rains, Chief Security Advisor, Microsoft Worldwide Cybersecurity & Data Protection, warned Windows XP users back in August 2013 that “Windows XP will essentially have a Zero Day vulnerability forever”:

The very first month that Microsoft releases security updates for supported versions of Windows, attackers will reverse engineer those updates, find the vulnerabilities and test Windows XP to see if it shares those vulnerabilities. If it does, attackers will attempt to develop exploit code that can take advantage of those vulnerabilities on Windows XP. Since a security update will never become available for Windows XP to address these vulnerabilities, Windows XP will essentially have a “zero day” vulnerability forever.

As a result, expect that Windows XP infections to skyrocket, especially now that users are vulnerable.

Infection rate (CCM) by operating system and service pack in the fourth quarter of 2012 as reported in the Microsoft Security Intelligence Report volume 14.
Source: Microsoft blog

 

Companies still using Windows XP are prone to cyber attacks with massive consequences

Cutting of support for these tools doesn’t only affect individual XP users, but companies as well.

System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection and Windows Intune run on Windows XP clients as well, so companies should pay special attention to securing these products and their environment.

We strongly recommend that organizations make sure that they do not include active installations of these products in their network.

The issue of XP still being used in companies could have even more serious consequences: Windows XP could have also been the vulnerability that brought on the massive Home Depot and Target data breaches from 2014 and 2013.

Jason Mick explores the scenario in his lengthy, but thought-provoking article on Daily Tech.

 

What should I do if I’m still using Windows XP?

You can choose one of two options:

1. Either upgrade your operating system to Windows 7, 8, 8.1 or the soon to be released Windows 10
2. Or continue to use Windows XP, but invest in strong security solutions to keep you safe from cyber threats.

Should you decide to upgrade your OS, there are plenty of security options to make a selection from. The 13 Step Guide to Secure your PC after a Fresh Windows Installation may come in handy as well in this situation, to help you get off to a good start in terms of security.

But if you decide that you want to keep using Windows XP, please consider the following recommendations:

1. Install and use a strong antivirus solution.

Antivirus may not protect you from all threats, but it’s definitely necessary. However, please keep in mind Microsoft’s warning:

Our research shows that the effectiveness of antimalware solutions on out-of-support operating systems is limited. Running a well-protected solution starts with using modern software and hardware designed to help protect against today’s threat landscape.

There’s a very helpful list created by AV Test that will show you if your antivirus solution of choice will continue to support Windows XP from now on or not.

2. Use a sturdy security solution that can shield you from advanced malware.

Antivirus isn’t enough, as you’ve maybe heard in several occasions. That is why we always recommend you use an additional layer of protecting that has proactive capabilities.

We’ve dedicated an entire blogpost to these types of solutions, which is worth a read.

3. Use an application that will automatically keep your software up to date.

Keeping your software updated is crucial, not only if you’re a Windows XP user, but in general. So make sure you install and use an application that will silently and automatically update your software as soon as new patches are released. These patched help close security holes and prevent exploits.

However, in this particular case of Windows XP, please consider that some applications are no longer supported – such as Oracle’s Java. This means that no updates will be delivered, so it’s a good idea to stop using these apps altogether if you want to prevent any security risks.

 

Conclusion

Since Microsoft decided to end support for Windows XP, we must urge users to leave the platform.

Of course we wish Microsoft decided to support the XP platform for a longer period, given its commercial success. But since things didn’t play out that way, it’s important for users to know that, if they don’t move away from XP, they stand to lose financial resources, personal information, critical professional files, etc. – assets which cyber criminals generally target.

From now on it will be easier than ever for cyber criminals to find vulnerabilities and penetrate the XP platform without getting noticed. And we can say with certainty that no user can afford to take that risks.