Blog

XP and Server 2003 End of Life

Dec 11, 2014

file0001889523707.jpgProper disposal method for an XP CD. (Just kidding, please don't light any fires.)

Here at Tech Plus Consulting we know that many San Francisco Bay Area businesses still use the Microsoft Windows XP and Server 2003. I mean why not? They are stable operating systems, some of Microsoft’s best, and the interface is straight-forward and easy to use. Unfortunately Microsoft’s support for XP ended on April 8 of 2014 and Server 2003 is coming up in July of 2015. This means that businesses need to move away from them. The end of support means that XP will receive no more updates from Microsoft. It also means that many third party companies will stop making sure that the updates for their software is compatible with XP.

For the most part this isn’t an issue for stability updates, as XP is already a pretty stable operating system. But the real issue here is that no more security updates will be available for it. Any good IT company will tell you that without these security updates any holes in the operating system’s security will not be addressed.

When Microsoft finds a security hole they release a fix for it. This means that any computer without these issues patched is vulnerable to outside intrusions and viruses designed to take advantage of these flaws. This is now especially dangerous for XP users as when Microsoft finds issues with newer operating systems like Vista and 7, they announce them to the world. Since many parts in these newer operating systems are the same or at least based on the same systems in older operating systems such as XP this means hackers will know what they are. According to Sophos Computer Security’s James Lyne, “There is a lot of commonality between (operating system) platforms” and “While security researchers are . . . patching the new stuff, their work in those spaces is likely to reveal flaws in the no longer . . . maintained Windows XP.”

Since XP users will not get a fix for these vulnerabilities, they will have no protection against them. These dangers can be mitigated to an extent by steps like making sure that you have a good, up to date anti-virus installed. However, this still will not protect you from major vulnerabilities as an anti-virus cannot make changes to your operating system or its components.

These security issues mean that the operating system is also not viewed as acceptable by many major businesses and industries. For example, some of our San Leandro IT support clients at Tech Plus Consulting are companies working in the healthcare field who are required to be “HIPAA” compliant. HIPAA, or the Health Insurance Portability and Accountability Act, is designed to protect secure information about patients, treatments and insurance. If the required standards of this act are not met, the company failing to do so can be fined heavily as punishment for it. And since they would then be required to become HIPAA compliant, this means they would still have to make the change after paying the fines, so it is far cheaper in the long run to do this change on their own now.

An excellent example of the kinds of issues that this can lead to is a recent exploit discovered in Internet Explorer. This exploit allowed hackers to take control of other computers connected to the internet via their Internet Explorer. The issue was discovered in late April of 2014, less than a few weeks after XP support ended. Thankfully for this specific problem Microsoft made an exception and released a patch compatible with Windows XP. However they made it clear that this was a one time decision. This means that any issues like this, which left millions of computer open to outside control, will not be fixed in the future when they arise.

These kinds of issues, which are the heart of why regulations like HIPAA exist, are a danger to other industries as well. Whether you are a lawyer, accountant or vendor of any type, it is essentially a foregone conclusion that you have secure data stored on your computer. From client billing information to social security numbers, these are serious pieces of information that need to be properly secured. At Tech Plus Consulting have been hard at work upgrading our customers to supported operating systems, do yourself and your business partners a favor and make the switch too.

About Tech Plus Consulting LLC: Tech is an IT company that specializes in small business managed IT including computer networking, server management, computer maintenance, application support, and cloud computing. Tech Plus Consulting is headquartered in The Uptown Lake Merritt district in downtown Oakland, California.

Contact: Chris Stovle, Tech Plus Consulting LLC, (510) 764-1959, 1904 Franklin St Suite 519, Oakland, CA 94612




Category: Software Support

Add Pingback

Please add a comment

You must be logged in to leave a reply. Login »