The UK Government has signed a deal with Microsoft to provide Windows XP support and security for 12 months after support ends next week.
According to Computer Weekly, the agreement is worth £5.548 million, and covers ‘critical’ and ‘important’ security updates for Windows XP, as well as Office 2003 and Exchange 2003, which also go out of support next Tuesday.
“Plans are already in place for organisations to migrate to other operating systems over the next 12 months. It is anticipated that the majority will have completed upgrades by April 2015,” a Cabinet Office spokesperson told the Telegraph.
According to Qualys, between January 2013 and February 2014 the percentage of Windows XP machines has dropped from 35 to 14 per cent and it is expected to drop to 10 per cent by the end of this month. CTO Wolfgang Kandek said: “The end-of-life for XP which has been announced for a number of years now, means that computers running XP will be very attackable in the near future.
“Over 70% Microsoft’s security bulletins in 2013 affected XP, and there is no reason to assume that this will change in the near future. XP will be affected by a large percentage of the problems exposed in May, June and July, but there will be no remedy (except for companies that pay for extended support – an option that is at least US$ 100,000/year).”
Stephen Bonner, partner in the information protection and business resilience at KPMG, predicted that Microsoft will release patches. “Just because they are saying they will does not mean that they will not, it is because they want users to upgrade,” he said. “Most large organisations will have an unsupported solution and there are some risks associated with it. Big organisations are not a large challenge and will have NT running. The large organisations are dealing with it.”
Ross Brewer, vice president and managing director for international markets at LogRhythm, said: “A huge number of organisations are still using XP and once Microsoft stops supporting it next week they are going to find themselves with gaping security holes. Time is now swiftly running out for those businesses to upgrade to a new operating system and it is likely that hackers will already be planning their attacks to exploit these vulnerabilities. Unless some form of action is taken now, anyone operating XP should be concerned.”
Kevin Linsell, head of service development at Adapt, was critical of the cost to tax payers, as this works out at around 18p per tax payer. “This doesn’t seem like much, but it does beg the question – why are we spending this money when we could have met the deadline in the first place? Microsoft made their end of support for XP known more than five years ago,” he said.
“There are several reasons why an organisation may not have migrated away from XP. Budget is clearly a main concern for the public sector and migrating away from XP can bring other internal challenges such as training on new systems, updating templates and making sure applications are compatible. When it comes to system security though, planning is key and the government needs to make sure it’s not ending up in a cycle of unnecessary payments, when a well-planned migration can provide a resilient long-term solution.”