Windows XP Will be a Gold Mine for Hackers After Microsoft’s End of Support

By: Radu Tyrsina
3 minute read

While Microsoft tries desperately to increase the number of its Windows 8 sold copies, Windows XP still holds an impressive 37% market share of desktop operating systems. Redmond hopes that when it will stop support for Windows XP in April 2014, this will contribute to the increase of Windows 8 sales.

And it seems that cybercriminals are very well-prepared for that moment,  readying waves of Windows XP attacks that are bound to convert into nice amounts of money, as the average price on the black market for a Windows XP exploit is said to be from $50,000 to $150,000, according to security expert Jason Fossen. When Microsoft will no longer support Windows XP, this means that it will no longer provide security patches, thus leaving it wide open for hackers to bank bugs discovered between now and April 2014.windows xp infected

Windows XP to become a treasure for hackers

 

Don’t think that Microsoft has already abandoned Windows XP; there are almost weekly critical security updates being readied for those that still use it. Usually, if Microsoft detects a critical bug that is heavily exploited by hackers, Microsoft will issue a security update as fast as it can and will not wait for its monthly Patch Tuesday schedule to do it. Jason Fossen explains:

When someone discovers a very reliable, remotely executable XP vulnerability, and publishes it today, Microsoft will patch it in a few weeks. But if they sit on a vulnerability, the price for it could very well double.

A new vulnerability is also referred to as a “zero-day” one. Most likely, cybercriminals have already started discovering “zero-day” vulnerabilities and are just waiting for Microsoft to stop security support so that they could later on sell them or use them on unprotected computers. A good sign for this theory might represent the decrease in Q4 of 2013 and Q1 of 2014 of publicly disclosed Windows XP vulnerabilities. The same Fossen says that “hackers will be motivated to sit on them” and to wait to get a “better price”.

This is a big issue because despite the fact that Microsoft will retire Windows XP, it will still have a big marketshare, something around thirty percent, which means that Windows XP will be present on millions of computers worldwide, a real gold mine for cybercriminals. There will be a few companies, organizations and government agencies that will still get Windows XP security patches, because they pay big fees for custom support.

windows xp hacked

And here are some interesting facts from the second half of 2012 about XP’s weak security protection when compared to Windows 7:

  • Windows XP infection rate: 11.3 machines per 1,000
  • Windows 7 SP1 32-bit infection rate: 4.5 per 1,000
  • Windows 7 SP1 64-bit. infection rate: 3.3 per 1,000 

There is no data yet on Windows 8, but most likely the numbers are even better. Brian Gorenc, manager of HP Security Research’s Zero Day Initiative:

Windows XP vulnerabilities will be valuable as long as enterprises utilize that version of the operating system. Researchers are primarily focused on the critical applications being deployed on top of the operating system. Attackers and exploit kit authors seem to rely on the fact that the update process and tempo for applications are not as well defined as those for operating systems.

As Fossen observes, if there will be heavily-exploited zero-day vulnerabilities in Windows XP, the users themselves will “organize and demand patches”. Jason Miller, manager of research and development at VMware:

What if XP turns out to be a huge virus hotbed after support ends? It would be a major blow to Microsoft’s security image

One of the best solutions for Microsoft would be to come up with a new upgrade offer, cheaper than previous ones, to convinces users to leave XP behind and embrace Windows 8.

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Discussions

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading