XP support has ended – How long have you got before your systems are hacked?


All good things must come to an end and, as of 8 April, Microsoft Windows XP has finally been laid to rest in the Microsoft graveyard alongside Windows 2000, NT, 95 and all the other legacy products where development has ceased.

See the official Windows Announcement here 

This means no new Windows Updates to download and apply – Hooray! No more patches ever!

Unfortunately, this also means there will be no more fixes or enhancements forthcoming. Aside from potential compatibility issues with applications that are still being developed and improved, this also means that, for any new vulnerabilities discovered in XP, there simply will not be any means of remediation. The result is that XP will become a sitting duck for hackers, inexorably becoming more and more vulnerable to attack over time.

 

What is the Solution from Microsoft?

Upgrade now, says Microsoft. Go Windows 7 or 8.1 and you gain a continually improving operating system, fundamentally more secure than XP to begin with but with the full backing of MS development to head off any new vulnerabilities as and when they are discovered.

Aside from the cost implications in license upgrade fees, the resource requirements needed to migrate can be huge, which is why an estimated 95% of the world's ATMs are still powered by Windows XP.

Considering that there are 420,000 ATMs in the US alone, the migration to a new OS is indeed a massive endeavor. Likewise, the overwhelming majority of POS systems are XP-powered for the same reason: the risk and expense of migration have resulted in leaving the problem for another day.

 

What Should You Do If Upgrading to Windows 7/8 isn’t a Viable Option?

And that day has now arrived. So if Microsoft isn't going to provide any security cover for your XP systems, what other options are there to improve protection and provide contingency in the event that systems are breached?

Unless you have already established a hardened build standard for XP, now is the time to do so. By leveraging the ‘natural’ built-in protective defenses for XP, all current known threats and vulnerabilities for the OS can be mitigated. Use of a vulnerability scanning tool, equipped to audit the XP systems against a consensus-based Vulnerability Checklist, such as the CIS Benchmark for XP, will reveal any Security Policy settings that can be utilized to close off as many known vulnerabilities as possible. The hardened XP system, equipped with AV and firewalled at the perimeter, will go a long way to avoiding cybersecurity threats.
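An added example (not from the original article or from any product it names) of the checklist audit described above: it compares a security policy export against a build standard and lists every setting that falls short. The sample export and the threshold values are constructed for illustration and are not taken from the CIS Benchmark; the setting names are the ones `secedit /export` writes.

```python
import configparser
import operator

# Constructed excerpt in the INF layout written by `secedit /export /cfg`.
# Real exports are usually UTF-16 encoded; decode them before calling audit().
SAMPLE_EXPORT = """\
[Unicode]
Unicode=yes
[System Access]
MinimumPasswordLength = 0
PasswordComplexity = 1
LockoutBadCount = 0
EnableGuestAccount = 0
[Event Audit]
AuditSystemEvents = 0
"""

# Hypothetical build standard: (section, setting, comparison, required value).
# Take the real thresholds from the benchmark document you audit against.
CHECKLIST = [
    ("System Access", "MinimumPasswordLength", operator.ge, 8),
    ("System Access", "PasswordComplexity", operator.eq, 1),
    ("System Access", "LockoutBadCount", operator.ge, 1),  # 0 = lockout disabled
    ("System Access", "EnableGuestAccount", operator.eq, 0),
    ("Event Audit", "AuditLogonEvents", operator.eq, 3),  # 3 = success + failure
]


def audit(export_text, checklist=CHECKLIST):
    """Return (setting, found, required) for every check that fails."""
    cfg = configparser.ConfigParser(delimiters=("=",), interpolation=None,
                                    strict=False)
    cfg.optionxform = str  # keep setting names exactly as exported
    cfg.read_string(export_text)
    findings = []
    for section, key, compare, required in checklist:
        raw = cfg.get(section, key, fallback=None)
        if raw is None:
            findings.append((key, "not set", required))
        elif not raw.strip().isdigit() or not compare(int(raw), required):
            findings.append((key, raw.strip(), required))
    return findings


if __name__ == "__main__":
    for setting, found, required in audit(SAMPLE_EXPORT):
        print(f"FAIL {setting}: found {found}, build standard requires {required}")
```

Running the same audit after every patch or configuration change shows whether a previously closed setting has drifted back.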

Any subsequent patching of 3rd party applications or configuration changes to the XP system may re-introduce vulnerabilities, so it is vital to scan regularly, or ideally, use a continuous vulnerability monitoring solution like NNT Change Tracker or Tripwire® Enterprise. Time is of the essence in mitigating vulnerabilities when they are introduced, so a continuous or real-time scanning system is considerably better than a one-off periodic scan using a Nessus-type system.

However, since new vulnerabilities may be discovered at any time, it is imperative that your security best practice measures include some form of ‘what if’ planning. The breach at Target reminded everybody that even with PCI DSS measures in place, if the organization ‘drops its guard’ at any time, threats are waiting to take advantage.

Real-time FIM provides the perfect Host Intrusion Detection system. Any change to a system file (as was the case at Target, where the BlackPOS malware created a winxml.dll Trojan) will be detected immediately and an alert raised. Similarly, if new services are added or enabled, or there are subtle registry changes, a good real-time FIM system will record these as violations of the XP Hardened Build configuration and allow the breach to be stopped before lasting damage is done.

 

Conclusion

In conclusion, time is up for XP and it is imperative that a migration is planned to a secure, supported operating system. In the meantime, use of 3rd party breach prevention and detection technology is more vital than ever.
