Rumors of XP’s Demise Are Greatly Exaggerated

Old_computer_3When Microsoft launched XP in 2001, little did they suspect that 33% of the world’s computer users would still be using it as their operating system of choice 12 years later. But that’s the reality and the vexing challenge they face today as they try to figure out how to phase out an operating system that has been their most successful product to date.

Providing software support is expensive, particularly when you are trying to develop and advance new products at the same time. Devoting skilled programmers to maintaining old software is a difficult personnel management decision. It is challenging and time-consuming for programmers to chase down bugs, particularly in code someone else wrote. Furthermore, those types of jobs certainly aren’t the most appealing to most programmers, who would rather develop cool new features than work on grandpa’s solitaire crash fix.

So, Microsoft made the reasonable decision a couple of years ago to set an expiration date for Windows XP. They explained that it was time to move on from this old system, and that, as of April 2014, they would no longer be supporting the product. Once XP officially expires, Microsoft will no longer issue patches to fix its bugs. That means that users will either have to move to new operating systems, or they will have to live with those bugs forever.

This wouldn’t be such a big issue if it weren’t for two things: (1) there are lots of legacy systems that companies are unwilling or unable to migrate to newer platforms, and (2) these bugs aren’t related to Minesweeper or even to doing a mail merge; many concern computer security.

That latter problem is a big one. It is good software engineering practice to create new products from existing ones, to build upon code that already exists and is known to be working and stable. So, there is a lot of code in Windows XP that found its way into Windows 7 and 8. When a new security vulnerability is found in Windows 7, therefore, it is very likely that that same vulnerability is also in Windows XP. Currently, since Microsoft still supports XP, when it releases a patch to fix a problem with Windows 7, it likewise releases patches for Windows Vista and XP.

That practice will end when Microsoft pulls the plug on Windows XP in eight months. After that time, security vulnerabilities will no longer be fixed in XP, and so they’ll become prime targets for attackers interested in gaining a foothold into legacy systems using this old but celebrated platform.

Speculation runs rampant that Microsoft will blink on this one and continue to support XP in some limited capacity after their declared expiration date. Here’s hoping they do. Otherwise, XP’s ride into the sunset is going to be ambushed.

About Ray Klump

Associate Dean, College of Aviation, Science, and Technology at Lewis University Director, Master of Science in Information Security Lewis University,, You can find him on Google+.

Leave a Reply

Your email address will not be published. Required fields are marked *