Windows XP Follow Up: XP May Be a Bigger Risk than Heartbleed

A few weeks ago we posted a blog offering some stop-gap measures for customers to minimize the risk of their now-unsupported Windows XP devices until they can upgrade.

TechRepublic recently wrote an article stating that Windows XP posed an even larger threat than Heartbleed. Why? They explain it this way:

“Just as Y2K was a specific event, Heartbleed was just one vulnerability. It was identified, a patch was developed, and the world was put on notice. Now, we can move on. It was an isolated moment in time.

Windows XP, on the other hand, is now a permanent, ongoing ‘zero day’ vulnerability. If attackers are smart and stealthy, we may not even know how many vulnerabilities are discovered in Windows XP from this point on — or how critical they are. There won’t be any more patches or updates, so it’s permanently at risk.”

TechTarget published a helpful primer, “An Enterprise Guide to Windows XP Security After End of Updates for XP.” This guide contains useful resources for IT professionals who are creating a migration plan from XP:

Windows XP end-of-life triage: XP security tactics

A Windows XP migration can’t happen overnight, and many organizations find themselves having to secure XP in the interim, without XP updates from Microsoft. Is it even possible? While experts advise transitioning as soon as possible, this advice can help limit the risk until the migration is complete.

How to use Windows Event logs to detect a targeted attack

Whether targeted attacks or opportunistic attacks, Windows Event logs can help spot intrusions into Windows XP systems. Richard Bejtlich explains how to collect the logs and parse the key data.
ASLR and DEP: Two critical Windows XP security features

Learn about address space layout randomization (ASLR) and data execution prevention (DEP) and why any legacy Windows XP instance needs to have them in place to reduce the attack surface.
Use EMET to harden Windows XP against attacks

Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) retroactively applies various security mitigation technologies to XP applications, blocking attacks that exploit common attack vectors, such as buffer overflows and memory corruption.
Office 2003: Is it possible to stay safe after support stops?

Many enterprises are still using Microsoft Office 2003, but it has also reached its end-of-life date as of April 2014. Learn the risks of keeping it in place and how to secure it until an upgrade project begins.

Windows XP end-of-life transition: XP migration planning

Whether your organization is fast-forwarding to its Windows XP upgrade or is already working on the transition, check out SearchSecurity’s best advice on making the business case, choosing which OS to upgrade to and ensuring the process is as smooth as possible.

Now is the time: Making the business case for a Windows XP upgrade

Avast Software claims a disproportionate percentage of PCs infected with rootkits are running Windows XP… in 2011. Since then, XP security has only gotten worse. Learn how to build the business case for an XP upgrade in your organization.
Windows XP upgrade planning: Avoiding a panic

Expert Michael Cobb summarizes the importance of a high-priority Windows XP upgrade, and offers advice to avoid making mistakes during the scramble.
Keys to a successful Windows 7 upgrade project plan

Many Windows XP organizations are moving to Windows 7. Learn about the two major changes in Windows 7 that should be considered before an enterprise-wide Windows 7 upgrade project plan can be implemented.
A pre-implementation Windows 7 security guide for enterprises

Will the security features of Windows 7 make your organization more secure? In this short pre-implementation Windows 7 security guide, expert Michael Cobb details its security features.
Analysis: Windows 8 security features top Windows 7 security capabilities

Many users may not like the dramatic changes in Windows 8, but expert Michael Cobb says there’s a strong case to be made to skip Windows 7 and instead take advantage of the security features in the newer OS.