Friday, September 18, 2015

Yes, the bad* guys at Microsoft are still fixing some Windows XP issues

WARNING: Despite what you read in this post, you should get rid of Windows XP as soon as possible. Get Linux. If you cannot, do all work in a free Virtual Box virtual machine. 
If you do not understand the previous sentence, well, run Win 8.1 or Apple.

Microsoft Windows XP has had tons of issues over its lifetime, which ended in April 2014.

But perhaps the biggest complaint you can rightly make about Microsoft Windows XP in the fall of 2015 is this: Microsoft's own statement that there will no longer be security updates or technical support.

About that technical support:
Nobody misses the absence of it because not much of it was around when XP was alive and kicking like a stubborn mule.

About those security updates:
The thing about the statement on Microsoft's web page is that it is both totally correct and totally wrong at the same time.
That's because the company has great lawyers who try to do their best, or worst, to avoid or defeat law suits.

For folks like you and me, this means there are no patch WhateverWeekday security updates for Windows XP as defined in some other lawyer approved formal management document.

Yes, you can be sure many folks at MS would rather not work on XP any more.

But fixes to WinXP are being made as of this writing.

How Microsoft patches discontinued software:
This is for the historical record. It is no secret. Hackers who do not know this by now should stop calling themselves hackers.

Technical support is provided by MS for a subset of discontinued products. Most discontinued products simply disappear in a bit bucket whose size befits a big company like MS.

Products that have a large paying user base are governed by a thing called a contract.
[If you hate MS and are addicted to the road rage equivalent byte rage, insert a gratuitous reference including the words "mafia" and "contract" here.]

In short, if a big customer wants patches after a product is no longer supported, the customer will get patches.

No, besides XP, I am not going to list discontinued products which I assume must be being actively patched right now for MS customers. You can guess some if you have been around IT for a while. I worked on some patches for discontinued MS products myself.

Windows XP is special in this regard because there is a near astronomical number of existing users out there in 2015. The last estimates I saw claim that about 15% of users are still hanging on to XP.
Not long ago, XP was running, for example, on the entry terminals of the United Kingdom Border Control.** 

Of course, IT security folks see this as a nightmare.

But they see everything as a nightmare if you give them more than a page to write or more than five minutes to talk about it.

Unlike the systems I worked on, individual home users of XP do benefit from the occasional security patch.

To MS, pushing out XP patches to registered individual users creates basically no additional cost once a patch has been written and tested for some big name customer.
At the same time, MS gets all the benefits from these low key updates because the policy substantially reduces the likelihood of more big screaming international headlines.

The Siemens Corporate IT Security chief is quoted in today's ZEIT ONLINE as saying that there are no more security updates for Windows XP.

TheEditor of the K-Landnews recommended this comment on the statement of the IT SEC chief: Look, to me as the nasty, grumpy old editor, this would deserve a strong dissing, but I'd suggest we give the man credit. So, we assume he only quoted from the Microsoft web page, and we assume - highly skilled as a Siemens IT SEC person must be - that he understands the lawyered phrasing on said page. You good with that?

Sure, boss.

Okay, then.

If you are broke and cannot get rid of Windows XP, some simple steps will keep you fairly safe for a while longer:
1. Put your user self into a non-administrator group to avoid being continuously exposed as "admininstrator" to the world.
2. Run a good anti-virus religiously.
3. Do not open each and every email attachment. Phone calls cost next to nothing, so call up that friend, and stay away from "delivery" notices and steamy attachments.
4. Check the web for more tips on staying secure.

* Bad as in good.
** That's not a secret, all you need to do is turn around after passing passport checks to see where your travel mate is in the line - or queue, as they call it.


No comments:

Post a Comment