Happy Hackers’ Heaven On The Horizon

After Tuesday, July 13th, happy attackers will take advantage of your procrastination and target millions of businesses and individuals still running Windows XP SP2 and Windows 2000. All that low hanging fruit will cause a feeding frenzy and heaven for malicious hackers is on the horizon.

All Microsoft support stops after tomorrow, July 13, for Windows XP SP2 and Windows 2000. There will be no new security updates, non-security hotfixes, or Microsoft support options. It’s free to upgrade to XP SP3 and this will enable companies to get security updates through April 2014.

So why is there still so much XP SP2 around? Due to the economic recession, many companies were forced to slash their budgets and cut employees from their IT staff. Installing service pack 3 may require testing and downtime. SP3 may not add appreciable functionality over the older service pack, but it’s critical to upgrade. SP3 is basically a collection of fixes and patches. In reality, if you are still running XP, then you need new computers with new operating systems like Windows 7. Either way, it’s time to stop ignoring the problem because the next SP2 security or privacy breach will be yours to figure out alone.Senior Manager of Press/Analyst Relations at Microsoft Services, Frank Fellows, posted, “Customers are highly encouraged to migrate to the latest supported service pack which is the latest and most secure version of their product. Staying on a supported service pack is the only way to ensure continued access to security updates and the ability to escalate support issues within Microsoft.”However, technology systems and services provider Softchoice Corp. reported that out of 280,000 business computers analyzed, 46% are still running on Windows XP. 77% of companies are still using Windows XP SP2 on 10% or more of their PCs. On average, 36% of the PCs in every organization run SP2. Additionally, there have been 131 vulnerabilities that were documented for Internet Explorer over the past 2 years.If you think you have neither the time nor the resources to upgrade until you can afford a major PC refresh to Windows 7, then consider this: According to the Ponemon Institute’s 2009 Annual Study: Cost of a Data Breach, the direct costs of a breach is estimated at $60.00 multiplied by the number of records lost. That can easily reach hundreds of thousands or millions of dollars in damages if a database is hacked.Johannes Ullrich, Chief Research Officer at the SANS Institute and CTO of the Internet Storm Center, urges, “Get with the program; move to SP3 before it is too late. There have been only a few instances where Microsoft released security patches after support ended. But in those cases, it was essentially a courtesy in case of high profile vulnerabilities.”Windows XP SP3 can be downloaded at Microsoft’s website or through the Windows Update service.Do you have a choice? Sure you do. You can take action or be prepared to be exploited as part of hackers’ heaven.