With no more fixes, patches or updates, companies still running XP are wide open to attack – it’s time to migrate, now.
Pure Hacking, an award-winning Australian information security consultancy, is strongly advising those companies and individuals still running Windows XP as their operating system to migrate to the stable, mature Windows 7 – now.
From 8 April 8 2014, Microsoft’s support for Windows XP will be switched off. There will be no further security fixes, patches for vulnerabilities or updates for the operating system. There will be no protection from new attacks, intrusion or hacking, even for those who have upgraded from Service Pack 2 to Service Pack 3.
Gordon Maddern, Chief Technology Officer at Pure Hacking, said: “Across Australia there are tens of thousands of machines still running Windows XP – just think POS terminals, let alone all those SMBs. Anyone still on XP is will be wide open to attack. All new vulnerabilities – and countless numbers of these are likely – will no longer be fixed by Microsoft. I cannot stress enough, it’s time to migrate, migrate, migrate.”
Pure Hacking’s advice is to:
- Disable what you don’t need on the operating system: Good system hardening is an essential first step and should be applied to all production systems. Steps include removing unnecessary programs and utilities such as file and print sharing, disabling guest accounts, changing default passwords and enabling auditing to alert to unauthorised access attempts.
- Replace XP with Windows 7: This is of particular urgency for any end user systems that have connectivity to the Internet.
- Segregate legacy installations: Move Windows XP machines that cannot be updated to a segregated network or zone. Set strict access control that won’t allow communication with the rest of the network so that any breach can be contained.
- Implement application whitelisting control: This works in the opposite way to antivirus in that it allows only known good/trusted software to run as opposed to stopping known bad software. Windows XP has some built-in support for this, called software restriction policies, however third party application whitelisting products typically provide much better protection.
-- end --
About Pure Hacking - www.purehacking.com
Pure Hacking is an award-winning Australian specialist information security consultancy. As the authoritative source in strategic, application, infrastructure and operational services, Pure Hacking has set the standard for ethical hacking and security consulting since 2002. Simply put, Pure Hacking saves companies from devastating attacks by enabling secure business.