Because of the problems associated with application migration and the tendency of home and business user to only undertake major OS upgrades when refreshing their hardware, XP maintains a strong penetration of the worldwide OS market- 29.53% according to netmarketshare.com. Hackers will no doubt be keen to target the large pool of newly vulnerable users. “XP users need to understand that after the end of support, there will be no official way to fix any OS vulnerabilities,”
In addition to the typical threat vectors that are seen even on modern operating systems, Help AG believes that zero-day vulnerabilities-
Windows, in all its iterations, accounts for 90.62% of the total OS market, which is why Help AG believes that upgrading to Windows 8.1 would be the most suitable upgrade path for XP users. “With Windows 8, Microsoft introduced a much more aggressive release cycle, meaning new versions are available very 6-9 months. From a security standpoint this is a good thing as architectural fixes to software are made more frequently than before. Furthermore, Microsoft realized that uptake of Windows 8 was being hampered drastic changes to the new interface. This is why with Windows 8.1, they re-introduced a lot of the look and feel from Windows 7/XP, which now means that Windows 8.1 will now be an easier transition for XP users.”
Dangers for the Payment Industry
Help AG has also expressed concern that once Windows XP goes out of support, a large number of point-of-sales systems in the Kingdom will be at a greater risk of attack and infection. Currently about 60% of the world's POS systems run Window XP Embedded. While this OS will still be supported by Microsoft, the reduced user field owning to the lack of support for the broader XP OS, would mean less security research being devoted to the platform. “A lot of the security fixes for Windows XP Embedded were received through the general update cycles for Windows XP. This is why, with XP going out of support, a large number of components vital to Saudi Arabia's payment industry will now be significantly less secure than before,” concluded Nicolai.
About Help AG
Help AG is a leading IT security solutions, services and consultancy company, founded in Germany in 1995 and active in the Middle East since 2004. A winner of multiple reseller, partner and channel awards, the company was even recognized in 2013 as one of the Top 100 SME businesses by Dubai's Department of Economic Development (DED).
Focusing solely on the security aspects of Information Technology and maintaining an unprecedented 80% of staff in technical positions has enabled Help AG to stand out as the region's trusted advisor capable of delivering the most complex and innovative IT security solutions spanning Application Security, Network Security, Enterprise Mobile Security and Next Generation Modern Malware Protection. This unmatched technical expertise has enabled Help AG to establish a dedicated Security Analysis division offering customers Security Review, Penetration Testing, Configuration Architecture Review, Vulnerability Assessment and Social Engineering and Exploitation services.
As a key player in the security arena, the company remains dedicated to raising regional awareness about IT security threats and trends and regularly conducts informative vendor-agnostic events such as its flagship Security Spotlight Forum (SSF) and CIO Circle of Trust. More information is available at: http://www.helpag.com