As I was writing this week’s article about whether or not unsupported software presents a security risk, something dawned on me.
Windows XP’s end-of-support date came and went. (It was back in April).
And nothing happened.
Become a Patron of Ask Leo! and go ad-free!
Of course, prior to the deadline there were all sorts of dire warnings that The End was near. The speculation (clearly in hindsight, pure speculation) was that hackers were saving up known exploits to unleash on the world shortly after the deadline passed. Heck, there was even a conspiracy theory that Microsoft was holding on to fixes until after the deadline to leave XP even more vulnerable. Havoc would ensue.
Havoc did not ensue.
In fact, aside from one bug in Internet Explorer that prompted Microsoft to actually release a patch for Windows XP after the deadline anyway1, all’s been pretty quiet on the XP front.
Why I rarely panic
As with most news these days it seems like headlines and stories are full of hyperbole and sensationalism to get our attention and our clicks.
And of course companies with an agenda – like Microsoft’s wanting people to move off of XP – often participate, or at least look the other way as the over-the-top predictions are made.
Knowing that this is how the world works, I choose to take a more laid back “believe it when I see it” kind of approach. The media, the press, and the industry have cried wolf too many times to take their dire warnings seriously right away. And this appears to be another case.
And that’s actually kind of sad. What it means is that exactly like the villagers in the story of the boy who cried wolf, we’re all much less likely to pay attention when a real alarm is raised. At least not until it’s too late.
But it’s time to move on
Now, don’t get me wrong. I do believe that it’s well past time to move on from Windows XP. As I outlined in this week’s article about unsupported software, you are indeed taking on additional risk if you continue to use it. The safest solution is to move on to a supported version of Windows … or any operating system for that matter. Not only that, but we’re most definitely seeing accessories and peripheral hardware like printers and such come along that explicitly will not support Windows XP.
But knowing that it’s not the XPocalypse that so many predicted does mean you have important alternatives.
For one thing, you have time; time to decide what to do. You have time to see what others have done, and make decisions accordingly. You have time to save up for a new machine, if you so desire. You have time to try things like Windows 8, or Mac or Linux. You may even have time to wait for Windows 9.
You also have time to balance or mitigate the risk. Rather than switching from XP immediately you can bolster your security in other ways, perhaps by limiting how you use your XP machine, or finally put into place that comprehensive backup plan you’ve been meaning to set up.
But the good news is that the whole experience has shown us that we don’t need to panic. Not yet anyway.
To be fair, it could still happen
I do have to point out that the disaster scenario could still happen.
I’m not sure how likely it is, but it is possible that a vulnerability might be discovered in the weeks or months ahead that applies to Windows XP. That vulnerability could allow bad things to happen. We don’t know.
What we do know is that we can’t count on Microsoft to fix the vulnerability. After this long, it would have to be pretty serious, and I’m guessing that the bar is extremely high right now for them to even consider looking at anything, much less fixing it.
We also can’t count on our anti-malware tools to protect us. Not only is their support for XP declining, even in the best of circumstances anti-malware tools can’t protect you from everything.
I still believe that if at all possible moving on from Windows XP to a supported OS is the best choice over all.
But at least the world didn’t come to an end last April.
27 comments on “Hey! The World Didn’t End!”
This is pretty much as I expected.
If malware writers exploited any new vulnerabilities in XP too soon, Microsoft could be levered into providing a fix.
Another thing to consider is that Microsoft did extend XP support for enterprises – the primary target of malware writers. Although home users won’t get updates, they are a less enticing target (except for creating zombie machines).
I would expect that IF there is a major attack, it will be about six months after enterprise support ends.
This does not mean XP is safe, only that the major meltdown is less likely. As you pointed out in your article about Excel 2003, XP is still subject to any vulnerabilities common to other OSs, but won’t get fixed.
I agree that it is well past time for people to get over their “we always did it that way” mentality and accept that change, no matter how unpleasant, is inevitable. More people need to re-read your article about attitude.
Good and balanced article as usual. But you guys may be amazed to know that Windows XP is still being fully supported, and won’t really be out of support until 2019. A simple 3-line registry patch unlocks previously hidden updated in Windows update for POS 2009 and other embedded versions of XP. I’ve been using it with great success so far for customers who are still on XP for one reason or another. So the supposed end of support in April was entirely arbitrary and politically motivated–there was nothing technically preventing Microsoft from continuing XP support. XP will continue to be used for years on existing computers until either the underlying hardware wears out or they become too slow for a user’s needs.
To be clear, it’s not a registry patch to simply enable updates in XP. As I understand it it’s a registry patch that fools XP into thinking it’s XP embedded version – a slightly different version of XP. Not all the updates may apply to regular XP, and it’s not guaranteed that they won’t eventually break it. Use at your own risk. It’s fine while it works, but make certain you’re backing up for the day when it might not.
Leo is right on this. What is currently going around on the Web is not a patch, it is a hack changing the version type.
To give a reasonable example, it is like reporting XP Home as being XP Pro. Some updates will work, some will be ignored, but some could really mess things up. At least that’s what I read in a couple of articles on technical sites. I was thinking about making the hack, but after reading the details, I decided it really wasn’t worth the risk.
As Leo said, it may work, or it may make your system unusable (backup, backup).
Keeping my XP until MS comes up with something better. Doesn’t look like that will happen any time soon.
Remember all the fuss about the Millennium bug? Every compute in the world was going to fall over at 1 second into 2000 – what actually happened?- nothing, but a LOT of IT companies & consultants made a fortune
Y2K was definitely an over hyped situation, but the money spent on the problem was to solve a real problem. Banks, insurance companies and any company using programs with files which allocated only 2 digits to the date field had to fix it. Y2K was a real problem which was averted by a lot of work in some cases.
Due to the fact that the millennium date issues were solved nothing happened. Due to the fact that COBOL and MVS/ESA are not cryptical, it was possible to solve the problem.
I had to re-install XP on a PC bought at a yard sale back in June. For $20 what could go wrong? Folks I got it from had it password protected so that’s why I re-installed. Oddly once installed I kept seeing Windows Updates flying at my XP computer and installing. (I now have Windows 7 on it.) Could not figure out why I was getting updates to an OS that wasn’t supported anymore.
That’s because although Microsoft isn’t issuing any new updates, they are still updating to the latest existing updates.
You’re at least getting updates to bring it current to when updates were last created. (End of support means no new updates – previously existing updates remain available.)
Somewhat contradictory don’t you think,
“To be fair, it could still happen
I do have to point out that the disaster scenario could still happen.”
Are you suggesting that the scare mongering had some value ?
I say “Nothing will happen, while we have Internet Security, and Anti-Virus supporting XP to ward of the scare mongers”
“Nothing Happened” remember, nor will it.”
All this scare mongering also occurred with the end of Win 3.1, 3.11, 95, ME, 98 and now XP.
You should all be ashamed for these type of articles and continuing the Bull Shift.
There should be government regulation that oblige companies like Microsoft to provide support for their products after they get replaced by newer versions. Not everybody has the means to buy new versions whenever Microsoft or others decide its time to make money with new versions that nobody asks for, instead they could upgrade there products against a small fee and let users decide if they are happy with older versions or not.
That would be similar to making a law that car and other goods manufacturers continue to produce replacement parts for discontinued cars and consumer goods. For how long would you make them do it? This would considerably raise the price of the products. As it now stands, these things are regulated by market variables, such as competition cost of maintenance etc.
“A government regulation”. @Werner – which government were you thinking of? Yeah, thought already you forgot that we are in a worldwide forum. Anyhow – if MS would support XP ‘forever’, are you willing to pay for the extra cost? They would need people to keep XP up-to-date, and those people want wages, an office, a desk etc. For the record, in Europe car parts are usually stored for about 30 years. But that ‘only’ asks for a large storage facility – hardly comparable to updating software to react to hackers finding new ways to break in.
I specifically installed XP on a couple of rebuilds in order to run MIDI music software, which is not supported by Vista or higher platforms. Neither of these computers will ever be linked to the web, so what’s the problem?
The world didn’t end because there was a world before there were PCs. However, I think it is telling that Microsoft continues to support XP for large organizations as a “more stable” system. I can remember the predictions of doom when Windows 98 went away and the on-line groups who planned to stick with 98. After a malware attack with no available fix, I went to an XP laptop. Over the years, I bought Vista twice as the only alternative to bad hardware problems. Both times I replaced Vista with used XP laptops. I upgraded one of the Vistas to Win 7, but continued to use the XP. I always keep two notebooks so that I have a spare. I bought Windows 8 as the only new platform available in the spring of 2013 and identified 11 problems that I could not live with. I ordered and new Windows 7 premium on line. I just ordered a re-conditioned Windows 7 professional with XP mode, so now I will just have to see. I also have a Linux laptop. While Linux does not have all of the apps I use yet, Linux is getting better and Windows seems to only be getting worse. I rooting for Linux.
Microsoft still didn’t realize how unfair has been about stopping support of Windows XP. All the people who spent money to buy that OS so that they supported Microsoft at the time to be richer and now Microsoft just kicked away those supporters… A solid company doesn’t do such things… There is not excuse for such behaviour…They know that milions of people include myself are still using that OS because they have not choice as the others OS aren’t fully compactible with olders computers…But why should I throw in the bin my beloved computer just because of it’s older for a new OS? I did offer to Microsoft that I will pay him for support of the Windows XP but not answer…Naivety isn’t?
What country are you in? MILLIONS of people stuck with Windows 98SE for years and years before switching to XP for very different reasons than you seem to be aware of! I switched to XP shortly after it was released, it was the buggiest, most crash prone OS available at the time! I switched back to 98SE and stuck with it until finally switching to a new computer. The “malware attack with no available fix” is in your head, probably because you either could not fix it yourself, or paid someone who didn’t know what they were doing. The vast majority of us never got your apparent super malware, and I’m not even going into how you got the malware installed on your computer.
XP was like most new OS, not ready for release to the public when it was released, it did not communicate with many peripherals, it was prone to freezes, many couldn’t shut off their PCs because XP would hang, I can list 50 more reasons why XP was unstable, but everyone knows XP was unstable! So you may have hung on to 98 out of stubbornness, but the vast majority of us hung on to it (98SE) because it worked, and finally worked well. Windows 3 was unstable, 3.1, 3.51, 4.0 were unstable, 95 was unstable, 98 was unstable, 98SE was unstable, Millennium, 2000, Vista, 7 all had issues when they were released.
When people find something that works, of course they want to keep it! New systems not only have a learning curve, they often have serious flaws that only get fixed after the public has serious problems that the OS creators didn’t think of. Windows 8 was a massive mistake, “forcing change” seemed to be the motto, Microsoft quickly learned people don’t want to have to “learn” a new system, 8.1 was quickly released. What Microsoft and other OS creators have not figured out is if you are going to change an OS, make it simpler, more intuitive, the computer we have been promised was just around the corner, for 25 years.. Otherwise, keep the changes in the background, because the vast majority of the people using a computer use three things, the internet, the internet, and the internet. And polls, and people bringing their computers in for repair prove it. 65% of computer users don’t know what the right click button is for!!
XP is only vulnerable online. If you have hardware or software that won’t work with newer OSes, using it offline is safe. I have a piano keyboard that doesn’t have drivers for win 7 or 8, so I still have a win XP netbook. I made it dualboot with Zorin OS so if I ever need to use it to get online, it won’t be with XP. True, the world didn’t end after XP support, but with an option like Zorin OS available for free, why would anybody take a chance using XP online? For the record, I have a win 8 laptop with classic start as my main PC, a couple of win 7 HTPCs and my wife loves her Chromebook.
XP machines will be in the minority now and I don’t think any self respecting will ” Kick a dog while it is down”. Having said that it is my hope that hackers out there are looking for worth while competitors. Just remember as you surf cyberspace you surf blindly waiting to be wiped out by the nearest rogue wave. I am sorry to have to say that, but it could be true. I wish you the best.
I wish we had other resources to choose from. I heard of an OS made in Japan but have never seen another report of it since. Only MS knows how many XP machines are left.
I still use Windows Xp in one of my computers and even have one installed in my Windows 7 computer on a virtual machine!
Now that XP is unsupported, will it turn into a freeware or maybe abandoware? Hope so.
Unlikely. It’ll turn into the same state that Windows 95 is in, whatever you want to call that.
Microsoft has never done anything like that with their older OSes. It would compete with their newer versions.
Him Leo and friends! Your very right sir but personally, I’m unable to switch at the moment:(. And as many others I wasn’t able to continue using my MSE so, I installed and am using ‘Avast” and Monthly install and uninstall ‘Malwarebytes’ and thank the good Lord everything has been clean and clear. You are right though Mr. Notenboom like your saying it’s only a matter of time! Hey Leo, do you think China has any major part in our Windows Xp being dropped besides the amount of time that it “has been going?” I’m only asking that because China wants XP and they are always trying to sorta break in here and their if you know what I mean. Anyway, Todah Sir, thanks buddy for all you do, teach and keep us up to par with.You all also fellow Leo Fans :)! Bye,Michael.
While turning off my XP computer Saturday night (9/13/14) it went into automatic microsoft windows update mode and updated my system for over two hours before shutting down. It still seams to work ok but I too thought they were not supporting the system any more.