Microsoft Extends Updates For Windows XP Security Products Until July 2015

An anonymous reader writes "Microsoft today announced it will continue to provide updates to its security products for Windows XP users through July 14, 2015. Previously, the company said it would halt all updates on the end of support date for Windows XP: April 8, 2014. For consumers, this means Microsoft Security Essentials will continue to get updates after support ends for Windows XP. For enterprise customers, the same goes for System Center Endpoint Protection, Forefront Client Security, Forefront Endpoint Protection, and Windows Intune running on Windows XP."

*sigh*

[Anonymous Coward]

If companies claim they haven't had enough time to upgrade their OS or update/rewrite their software, it is because they never will.

Re:

[jddeluxe]

If I had mod points today you would get some...

Re:*sigh*

[epyT-R]

..or maybe xp is good enough for them and the newer versions of windows don't offer enough incentive to upgrade. Considering how bad current microsoft contracts are, it might actually make more sense to wall those machines off from the net and keep using them instead of staying on that one-more-patch-tuesday-til-I'm-secure treadmill.

Re:

[Salgat]

This is the case where I work. On our machines are HMIs (interfaces to control the machine); you don't ever actually see Windows. The reason to upgrade from XP to 7 is purely because of security. Until the updates end, there are no good reasons to stop using XP since it does exactly what it is needed for.

Re:

[mlts]

Other than Windows 7 (or for that matter 8.1) being an OS made to address security concerns for 2014 as opposed to having security strapped onto an OS made in 2001, for a lot of users, XP is good enough.

Other than being newer, there just isn't much in Windows 7 or newer that is groundbreaking and would get users to move to it. Moving from ME to XP was an obvious improvement, but from a user's perspective, XP to Windows 8.1 just doesn't bring that much with it for their sake, other than it being easier to r

Re:

[epyT-R]

For highly customized configurations (like HMIs), it's better to just use the disk image provided by the manufacturer and isolate it accordingly than it is to try to update the base OS. Let the manufacturer worry about that.

Re:

[LordLimecat]

There is a decent amount of new stuff in Windows 7, but upgrades will rarely be sexy to the end user. Its a little amazing that Apple gets users to even care about updates, and even there I dont know many people outside of Apple geeks who really care about Lion vs Mountain Lion vs Mavericks (other than that they do tend to upgrade right away, much to the IT dept's chagrin).

The interface is IMO a huge improvement for productivity (hot-keyable pinned taskbar icons, window snapping, improved start menu + inde

Re:*sigh*

[exomondo]

Because Apple products don't go end of life, they go out of fashion.

Re:

[ynp7]

XP was never that great even when it was recent. It's certainly much, much worse than Windows 7, 8, and even Vista. Fucking well past time to let that shit die.

Re:*sigh*

[epyT-R]

Of course it isn't. It's just not that much worse to justify changing it over, especially for old hardware. No version of windows is safe from the internet. I guess I'm saying that if the need for security is important enough, it's better to cut access to the net for the average workstation regardless of windows version.

Most of those infected xp machines are owned by careless/clueless users who will soon be just as infected on windows 8 as they were under xp.

Re:

[LordLimecat]

No version of windows is safe from the internet.

This is a stupid meme, and it needs to die. If you dont understand how and why infections occur, or better yet if you dont regularly deal with IT security, its probably best not to even comment on it.

Re:*sigh*

[epyT-R]

..and instead of making assumptions, you could just explain why you think the meme is stupid, or just not comment.

It's general practice to use a firewall at least. Ask yourself why that is. If your machines are bare or just depend on the built-in firewall, they are not secure.

Re:

[similar_name]

I don't know, Windows XP was the first consumer/client version of Windows to use the NT kernel. That made it pretty good for it's day. For consumers, everything before it, was still based on DOS.

Re:

[mcgrew]

XP was never that great even when it was recent.

I've used both XP and W7 and I really see few visible improvements in W7 aside from the eye candy, and several areas where features were downgraded. For instance, the XP file manager is heads and shoulders above W7's. Neither one is really "great"; KDE is far more useable and has more features and I'm sure that holds true with Apples, too, but XP and W7 were both almost OK. Good enough that I still have XP on one of my towers (I just got a reprieve,I was going

Re:

[LordLimecat]

..or maybe xp is good enough for them and the newer versions of windows don't offer enough incentive to upgrade.

Except for the lack of maintenance, which is always a good reason in the Linux / Unix world but apparently doesnt fly with windows?

instead of staying on that one-more-patch-tuesday-til-I'm-secure treadmill.

Right. Because Linux / Firefox / Flash / Acrobat dont all need security updates.

Re:

[Anonymous Coward]

It just sucks that MS doesn't make a 32b, legacy, low footprint OS for those that need to run old software.

First, you can get Win 7 Pro in a 32 bit version. And let's not forget about this [microsoft.com]?

Re:*sigh*

[Chaos Incarnate]

Windows XP Mode is just an XP VM. It will still have the same vulnerabilities as an unpatched Windows XP.

Re:*sigh*

[Immerman]

>Being 64b is an *actual* reason to upgrade

For office drones? Really? That 3.5GB RAM limit was a bit of a nuisance for some specific things, but realistically how many office computers ever run up against it? No argument that servers and "Big Iron" can benefit substantially *if* the dataset is large enough to be seriously RAM limited. Even serious gaming rigs can often benefit dramatically from all that extra RAM and vectorization potential. But how many office applications can actually benefit notably from vectorized instruction optimizations? They spend almost all their time waiting on the user anyway, it doesn't really matter how fast they do it.

Re:*sigh*

[Luckyo]

Actually most modern games still run on 4GB RAM just fine even on w7 64bit. There is a very small subset of games that do require more, most of them terribly optimized and usually still in alpha/early beta.

Extra RAM on windows mainly helps mitigate memory leaks and hide the fact that Vista/7 is a huge memory hog with massively greater RAM requirements for OS overhead than XP ever was. Which doesn't impact you if you stay on XP. Microsoft also claims it helps caching, and to a certain extent it does. But in most cases, this advantage is negligible.

So more RAM makes sense on 7. But XP? Not so much. Which is another reason NOT to move from XP.

Re:*sigh*

[Billly Gates]

Its 2014. Time to move on. You can get 4 gigs of ram for $50. Bare in mind Windows 7 disk and ram usage is over reported as it buffers things if the kernel detects extra ram. Disk usage is inflated from SXS which means Windows keeps extra dll versions that dynamically linked. That is a feature and you can trim with disk cleanup.

XP is a security nightmare and most MBA managers do not know or calculate this. XP doesn't scale well past 2 cores and is not optimized with CPU instructions from more modern CPUs

Re:

[necro81]

Please bear in mind [grammarist.com] that there are only a few things I that want to be bare in my mind.

Re:*sigh*

[Billly Gates]

4,000 employees waiting 10 minutes for their workstations to boot as XP lacks a registry defragger and runs apps which cause winrot, not to mention lack ahci command queing for data so your disks can only handle one thing at a time, plus an added batshit paging and swap algorithm will do just that.

Now add no work for 4 hours during your mccrappy virus scan and that is more money lost. Cryptolocker locking a share randsom due to security not up to par as Windows 7 and more $$$$.

Should I go on?

You also can keep that IE 6 shitwareERP by insecure ltd by using Citrix or VMware and run it in a browser. Even your IPad has access.

The licensing savings will pay for this due to not upgrading.

That is what a good IT professional does. He is proactive and not reactive who lets harm come in by being lazy.

Re:*sigh*

[LordLimecat]

For office drones? Really? That 3.5GB RAM limit was a bit of a nuisance for some specific things, but realistically how many office computers ever run up against it?

1) Anyone doing heavy duty spreadsheet, graphics, or database work is going to need a decent chunk of RAM
2) Modern webpages absolutely gobble up RAM. You can blame the browser, and that works, until you look at the competition and see that, wow, 5 tabs really does eat up ~500MB RAM no matter what browser you use
3) On my prior work computer, with 4GB RAM, I was booting to 3.2GB consumed off the bat. It was windows 7, granted, but the lions share of it was security and compliance crap. Start up my powershell environment, open a few browser tabs, and open a document or two and Im eating into the page file like disk thrashing was going out of style.

Re:

[Anonymous Coward]

The "office drones" fallacy is just another version of the "typical home user" who doesn't need anything more than a PC that can do web surfing and basic word processing. It's where ignorant people make the assumption that just because there are a handful of tasks common to most users that this somehow means that all of those people only do those basic tasks and only the extreme minority actually do other things that need somewhat decent hardware. Obviously that isn't true at all otherwise the PC market wou

Re:

[LordLimecat]

XP with 4GB of RAM loses ~1.5GB of ram to addressing problems off the bat. There goes the arguable RAM advantage it has over 7.

Anyone who's used XP in an office recently knows it its unusable at less than 768MB, out of a general maximum of 2.5-3.2GB (depending on hardware). As I said, add in mandatory compliance and security stuff and youre up to 1.5-2GB, leaving maybe a gig for programs. Thats a few browser windows, a document, and not much else.

The average office worker, on the other hand, will have Ou

Re:*sigh*

[Immerman]

I think you mean 0.5GB of RAM lost. Lot's of funky memory mapping stuff using the address space above 3GB, but the first three had no major issues, and you were able to use much of the forth GB as well. And if you need enough compliance and security software running at all times to consume a GB or two of RAM I have to suggest that you're not a typical office user.

As for performance - I rarely have fewer than 20 Firefox tabs open, and often several times that, and it's not all that uncommon to also simultaneously be running an IDE with a mid-sized hobbyist application, a few multilayer images in GIMP, maybe a few vector graphic files in Inkscape, and a handful of Sketchup scenes spread across a half-dozen virtual desktops. Nothing really huge, but a lot more active data than most office workers are dealing with at one time. And this all runs reasonably smoothly on my horribly outdated 32-bit single-core XP gaming rig with only 2GB of RAM. (what can I say, I don't game like I used to and just can't justify spending $1000+ for prettier graphics in the same games). Admittedly I have done some non-standard optimizations to help things out a fair bit (the biggest one - setting the minimum swap file size to 6GB and making sure it's completely defragmented and at the front of the disk where access is fastest). Things are a bit snappier feeling on the more modern systems I use, but realistically I doubt the difference is enough to save me even a minute a day in actual productivity. If you're seeing drastically worse performance then I would suggest you may have other issues lurking within the system. Or you're just using some seriously resource-hogging applications.

Re:

[klui]

I would have thought so, too. But my current machine in the office isn't running too many development/management tools and it's using 4.5GB. The largest RAM hog? Outlook at 400MB. There are a little over 100 processes. I can't imagine someone who uses Excel on a regular basis using less than 6GB.

Re:

[epyT-R]

Well, I realize I'm in a minority, but I ran xp x64 for many years before moving to 7. A lot of hardware did actually work just fine with it, though sometimes the setup programs for them had to be manually extracted and installed. The only hardware that didn't work required kernel drivers and only shipped with 32bit binaries.

It was probably the most trouble free experience I've ever had with windows.

Re:*sigh*

[vux984]

Windows Vista introduced a proper security model. 7 was a substantial improvement, 8 was a bit cleaner and 2 steps backwards in usability, 8.1 is about on par with 7 really, with a start screen instead of a start menu.

Without getting into whether 8.1 is better than 7, anything from Vista onwards got the new security model, and THAT is a reason to upgrade.

But remember, security doesn't sell, and this thread just shows how deeply that goes. Because here on /. we spent over a DECADE mocking Windows XP and previous versions running as administrator (aka root), and the majority of users running as administor.

And then Microsoft finally fixed that, and today Windows security and reliability is a lot better as a result, but here we are on /. no less, listing to people tell us with a straight face that there is no reason for them to upgrade from XP.

Security just doesn't sell, not even here. That's sad.

Re:*sigh*

[roc97007]

Or because they've lost the source code, or because the only person who knew the software has long since left the company, or they've tried three times since 2003 but each time was over budget and did not deliver usable code, or development has been at a standstill since they offshored the development team. Or because they don't have the budget to push out new hardware in a down economy. Or, yes, ok, because they never will.

Re:*sigh*

[mythosaz]

It's not so simple.

I'm sitting here now, virtualizing applications in App-V for an XP --> 7 migration project. Most people have no idea the scope of applications used by any sufficiently large company, the sort of resources it takes to locate, acquire, and upgrade existing products, or the skill necessary to shoe-horn old applications business can't move quickly away from into an operating system they were never intended for.

My previous employer had 40,000+ endpoints at 40+ facilities. Each of those facilities was part of a loose federation of medical providers and hospitals, each running their own software, each with dozens of departments with unique applications. Their migration to Windows 7 wasn't going to be free. It took money and manpower, and that doesn't happen overnight.

My current situation is similar, just reduced in size by an order of magnitude. Still nearly a thousand applications -- sure, you can throw a lot of them away, but that takes meeting endlessly with department heads and finding replacements - and testing them - and packaging them for distribution to your new OS in the new tool, since the old tool needs to be replaced along the way. Not everyone had a direct upgrade path to the next version of System Center.

Entire infrastructures needed replaced in a LOT of companies. You can spin up a HP Client Automation infrastructure in a day - if you're the only guy in an IT department, and don't need to wait for a change window to have DBAs configure your backend, and need to wait for networking to make sure machines outside the DMZ can still patch. People over-simplify what has to happen in the "simple" upgrades, and Windows 7 migrations were more than just going out to a PC with a copy of USMT and swapping their hardware.

Oh, and I hope you have an enterprise agreement with Microsoft, and you budgeted all of this years ago in your long-term financial plan, and you're not middle-way through any other initiatives that might cause you to have a moving target - like desktop or application virtualization. If you're going to pull off the bandaid, pull the damned thing off already. Lets get off physical boxes too! I'm sure we'll have all the USB printer issues worked out on the non-persistent desktops soon enough.

You can lose days in finding keys for "critical" one-off licensed software for a machine swap. God forbid you're moving to 64-bit and dealing with old .NET apps that nobody's going to ever re-write. It's not just walking around and swapping out some PCs.

Anyone who tells you otherwise is being willfully ignorant.

Re:

[haruchai]

Sounds like a lot of bad planning. Have seen a lot of that at places I've worked.
Windows XP end-of-life has been known for years; Windows 7 went RTM in July 2009 which means that betas were available for a couple years before that.

So anyone whining about not having enough time, almost 4 years on, is a moron. Sadly, that's true of where I worked not so long ago - a 15000 user organization that only completed their Win 2000 - XP migration 2 years ago.

Re:*sigh*

[bobbied]

Bad planning is all too common especially when the eventual demise is a year or more away. You are talking a long term plan when management is in tactical mode trying to make the numbers for the quarter. If you are there talking about the sky falling in 4 years, you WILL be ignored. It's the nature of how publicly traded companies run. Remember that the last 5 years have been a *serious* problem world wide economically. Most companies are struggling to keep afloat without just throwing in the towel and everybody is dying waiting for any sign of recovery, which so far has not been really seen.

In a business down turn, where you are downsizing, EVERYTHING is tactical and strategic planning is out the door, like the last wave of RIFed off employees. The quickest way to get to follow all those people you used to work with out the door is to start making noise about spending money. Especially if you are in executive management hired and fired by the board. Best you can hope for is to pull the golden parachute rip cord before the chickens come home to roost and let the next poor soul who gets your job deal with it. Even in the best of times, many companies struggle with the "manage to quarter" mentality. It's always about stock price NOW not years down the road.

I for one am not surprised that a lot of companies have buried their heads in the sand and ignored this XP EOL date. So don't castigate the guy describing the problem he faces for not planning ahead. Seems to me, he's on top of the problem and fully knows what needs to be done, but he's not been given the necessary mandate and resources to actually get the problem fixed and work a viable plan. It's not HIS lack of planning, but a result of management choosing the expedient over what is best in the long term.

Re:*sigh*

[peragrin]

the larger the organization the harder it is to change. it is why large government projects fail so hard. How many tries did it take the FBI to update it's systems?

I know one company(80 people) that tried for 5 years to find a fairly simple path to upgrade obsolete IBM server. they still haven't done so. and still connect to the server through special terminal programs.(IBM used an IBM only terminal emulator which they no longer have source code for).

The company i currently work for(20 people) did an ERP switch. the actual data transfer went mostly painlessly. training the users in the much simpler and effective UI took a month of dedicated training, and 6 months of answering "how do I" questions. every once in a while those questions still appear but that is normal.

Now image trying that with a couple of thousand employees, and you have a nightmare.

Re:

[Anonymous Coward]

God forbid you're moving to 64-bit and dealing with old .NET apps that nobody's going to ever re-write.

Oh, it's more insidious than that. One of the 64-bit issues we had to deal with was Microsoft's IPv6 extensions to proxy.pac files. Even though the apps were 32-bit and the machines were on an IPv4-only network, you had to have essentially-duplicate FindProxyForURLEx() functions in the proxy.pac file if the machines were Windows Vista/7/8 64-bit. Contrary to documentation, the 64-bit machines weren't even using the FindProxyForURL() functions. And forget about what happens when ClickOnce is involved.

Re:*sigh*

[mlts]

Don't forget having a KMS infrastructure where every single machine in the company can contact an activation server every 180 days. Yes, one can use MAK type of keying, but if a box needs a reinstall, that means one has to burn another install key.

In a previous life, I've encountered cases with legacy apps as well, where the client was 32 bit... but just would not work on Windows 7 for love or money. I ended up having to use virtual machines running XP for the dedicated program.

Of course, there is the server infrastructure Windows 7 requires. New GPOs, more disk space for updates for WSUS, more PXE images, etc.

So, a move to Windows 7 (or a major OS update for the clients for that matter) isn't something to be taken lightly in a company, because one mistake can trash hundreds to tens of thousands of desktops. At minimum, it requires a test lab and running upgrades to see what ugly issues will rear their heads.

Re:

[slimjim8094]

Yeah, sure, OK, but that's why the time to start all this lengthy work was like 4 years ago, right? That's a really long time to sort out even some pretty massive problems, and have endless meetings with department heads, and testing them, and waiting for the DBA, and waiting for the network configuration - and then have like a year and a half left to actually do the upgrade!. I mean, if a business have such a complicated setup that it's going to take X years to migrate off an OS, doesn't it make sense to s

Re:

[master5o1]

Actually they knew they should be planning a new-os version at least since Vista was released. And probably pushed that planning into a release for Windows 7.

Re:

[LordLimecat]

Its two OS versions back. Having updated regularly at each release from Ubuntu 6.04 to 9.04, I had breakage at each step of the way. Heck, when I was testing Fedora (10?) on my laptop, the very first package upgrade broke several things.

Expecting everything written for a 2001 OS to work on a 2008 OS (plus a service pack) with no problems is hopelessly optimistic. Windows 7 works in a great many cases-- far better IMO than what ive seen with Linux-- but the reality is that OS upgrades do tend to break thi

Re:

[ackthpt]

If companies claim they haven't had enough time to upgrade their OS or update/rewrite their software, it is because they never will.

It's a Slot Machine approach. They keep pulling the handle, hoping for the jackpot which will never come.

Re:*sigh*

[argStyopa]

The FACT is that most of them run just fine and don't NEED to upgrade.

Just because someone says "get on this treadmill" doesn't mean you need to.

Depending on what you want to do with a computer, you could be running flippin' DOS and be perfectly fine (not to mention have your pick of pretty-much-free machines in the dustbin that would run whatever ancient apps you need SCREAMINGLY fast).

Re:

[LordLimecat]

Thats right! Everyone still rocking Red Hat 7.3 on their workstation, unite! 2002 OSes are so the rage!

Somehow you dont hear so much derision about the "upgrade treadmill" from Linux / Mac users. Wonder why that is, particularly if their choice OS is so perfect as to never need an upgrade.

Re:

[Billly Gates]

Still running HP-UX and Sco xenix and old redhat. Legacy apps, but we don't connect them to the internet.

Re:*sigh*

[chipschap]

Because, uh, Linux upgrades are free, and generally automated?

Free for sure, but generally automated? Not on every distro. It's often easier to do a full save, a fresh install, and then restore whatever you need. My Linux Mint upgrades take about a day of work to get everything back to where I want it. That occurs maybe every 18 months, so I don't mind it so much, and I have complete control over the process and a very high probability of complete success (100% success so far, going back many years before Mint, to Ubuntu and Suse before that). It's an annoyance, but hardly fatal.

Oh great...

[Anonymous Coward]

Now I look like an asshole for telling my boss that he ABSOLUTELY HAD to upgrade everything because even Microsoft was killing security updates.

Re:Oh great...

[Jagungal]

This only refers to updates to their AV and Anti Malware products, the OS update will still stop on that date.

It is a good excuse to get Management that might have been dragging their tails up update to something more modern.

Re:Oh great...

[melstav]

Dude. Some shit ain't going to get upgraded no matter how many times you taze that dead horse.

Hell, I've still got SunOS 4.0 in production.

Re:

[LinuxIsGarbage]

Dude. Some shit ain't going to get upgraded no matter how many times you taze that dead horse.

Hell, I've still got SunOS 4.0 in production.

We still have PDP-11's in service. We though we had a solution with an emulator that will run on Windows XP.

Now we are working to upgrade the host OS to Windows 7 which brings along a whole 'nother round of headaches.

Re:Oh great...

[Anonymous Coward]

Security. Windows Vista, 7, 8, and 8.1 all offer better security than XP.

Performance. Windows Vista, 7, 8 and 8.1 have better support for SATA controllers and SSDs than XP.

Modern hardware support. Eventually those 5+ year old PCs die and you have to buy new stuff.

IE > 8. See security.

Bitlocker encryption.

This is just a start. There are many reasons to upgrade past 2002 technology. XP fan boys should be shot at this point.

Re:

[Culture20]

You're still good. This is for updates for security products for XP, not security updates for XP. XP will not get new patches, and existing holes might get exploited, but maybe the updated MS security essentials will warn you. /sarcasm

Re:

[viperidaenz]

They are killing security updates for Windows XP in April.
They are going to continue to provide updates to Microsoft Security Essentials and the other corporate security software until next year.

Re:

[roc97007]

Another 15 months is another 15 months.

Re:

[bloodhawk]

So your schools IT people finally realised they are being locked into a vendor that is only interested in their money. So the solution, Lets go and get locked into another vendor that wants our information so they can sell it. So many choices were available to them and instead of choosing not to be beaten by sticks they choose a different colour stick.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Re:

[bobbied]

If Google is beating us with a stick, I'll take it any day of the week over the Microsoft/Apple stuff we were running.

Here here! Go with Chromebooks.

Microsoft/Apple are a bunch of money grabbing shakedown artists. Have you seen what it costs to buy licenses for their stuff?

I don't begrudge software vendors a profit on their creations, but shesh, you are going to spend north of $1K to get hardware, OS, Office (with outlook) on a managed network for just ONE seat. THEN, the way things work, you won't get support and you will have to re-up the software every year. Enough for me thanks! I'll take my beatings from Google

familiar

[Anonymous Coward]

Like Duke Nuke'm Forever, except opposite.

Final Update to XP

[Anonymous Coward]

I want to see Microsoft issue one last update to every version of IE available on XP that replaces all of their cryptic as fuck SSL errors so instead of saying "the site you are trying to go to is broken" they say "The site you are trying to go to requires a higher level of security than is available on windows XP". Hell, throw a store link in there so they can go buy windows 9 or whatever and upgrade their security, damned if I care.

Until then, it is single-handedly holding back TLS 1.x (>0) and SNI adoption. I can't turn it on on my server or half my customers will call to blame me for my server being "down".

Re:

[TaliesinWI]

For SNI, you can enable it, but you can't rely on it since IE on XP will show SSL errors. However, there are many, many other devices out there aside from IE on XP that don't support SNI.

Most of which are pretty deprecated at this point. Android Honeycomb came out in late 2011, Windows Mobile 6.5 in late 2009, iPhone 4 in mid 2010. All of those (and anything later) are SNI capable. It's pretty much been the "IE on XP" crowd that's holding back adoption, everyone else would be in the 1% "other" category o

Pffft....... Thanks, Oba-

[thatshortkid]

Oh.

Re:

[ChunderDownunder]

The Ruskies were hoping that Putin would fund ReactOS development [slashdot.org] but there's been no new release in the past 6 months, so I guess it's a little premature to welcome our new Kremlin overlords...

Dear Microsoft,

[Irate Engineer]

We really liked Windows XP. Windows 7 is OK too, but please stop churning your OS versions for planned obsolescence and give us what we really want: a stable, updated, secure OS that will last as long as our hardware.

We would be pleased to consider a reasonable subscription fee for such updates as it would afford us significant peace of mind and stability.

Signed,

Many Customers

Re:

[epyT-R]

Dear Microsoft Customer,

We know that you like Windows XP. We like it too, and Windows 7 is alright. OS churn bothers us as well, but the last thing the rest of us want is software as a service that turns our computers into cable boxes.

Signed,

Many Smart Customers

Re:Dear Microsoft,

[LordLimecat]

Dear Microsoft,
Please shutter the part of your company that makes money, and provide us updates and support as a charitable donation for the life of my computer.

Signed,
Irate Engineer
FTFY

Re:

[Billly Gates]

We really liked Windows XP. Windows 7 is OK too, but please stop churning your OS versions for planned obsolescence and give us what we really want: a stable, updated, secure OS that will last as long as our hardware.

We would be pleased to consider a reasonable subscription fee for such updates as it would afford us significant peace of mind and stability.

Signed,

Many Customers

That subscription and update is called Windows 7.

The reason it is not compatible is the same reason Java is not. They do not have the same security and many poorly written apps require local admin or use a particular bug like an IE 6 rendering glitch to position elements, or rely on non recommending practices.

I remember when the same happened with the introduction of XP/Windows 2000 with these apps with peaks and pokes from DOS still in them not running. I survived just fine and it was a big deal after the

Re:

[roc97007]

Dear Ford,

Please continue making parts for my Model T. Newer Ford's are OK too, but please stop churning out new models for planned obsolescence and give us what we really want. A car that isn't burdened with things like fuel injectors, stater motors and disc brakes.

Signed,

Many Customers

Dear Ford,

Please continue making parts for my Model T. Newer Ford's are OK too, but please stop churning out new models for planned obsolescence and give us what we really want. A car that isn't burdened with things like fuel injectors, stater motors and disc brakes.

Signed,

Many Customers

Ooooh. A car analogy.

The problem is, in this case we're talking the manufacturer wanting you to trade in not your model T built in 1927 but your F150 built in 2001 for one built in 2012. When your 2001 model still does a swell job of transporting bales of hay.

Re:Dear Microsoft,

[LordLimecat]

Except that OSes dont have near that long of a lifespan.

2001 was Linux kernel 2.4 2000 was 2.2. Both have long since been EOL'd If you want to look at a full OS, I think Red Hat Linux 7.2 would be right about the same age as XP; it was EOL'd in December 31, 2003 (source [redhat.com]).

Microsoft has gone way beyond what any other OS vendor has ever done, excepting perhaps IBM with some of their ancient AIX boxes.

Re:

[0123456]

Microsoft has gone way beyond what any other OS vendor has ever done, excepting perhaps IBM with some of their ancient AIX boxes.

No-one cares when Microsoft started selling XP. They care about when Microsoft STOPPED selling XP, which was only a few years ago. There are a ton of XP machines only three or four years old that work fine and are deliberately being made obsolete just so Microsoft can make money.

On the plus side, at least some of those forced to upgrade will dump Windows completely and go for a different operating system.

Re:

[Merk42]

Yet if they had STOPPED selling XP years prior people like you would complain they killed it too soon
Microsoft is damned if they do, damned if they don't.

Re:Dear Microsoft,

[Kjella]

No-one cares when Microsoft started selling XP. They care about when Microsoft STOPPED selling XP, which was only a few years ago. There are a ton of XP machines only three or four years old that work fine and are deliberately being made obsolete just so Microsoft can make money.

Well, if they stopped selling XP back in 2007 and told everyone to STFU and switch to Vista we'd be screaming bloody murder about that so damned if you do and damned if you don't. All their support lifecycle clocks start running from when they release the N+1 product (and N+2 for extended support), now that Windows 8 is out the countdown towards Windows 7 EOL is ticking even though they still allow you to buy a Windows 7 machine. Mainstream support ends January 13, 2015 and extended support January 14, 2020. It's not like this is a bloody secret, the policy has been published and the dates set long ago. In short, if you bought XP after April 14, 2009 you know (or should have known anyway) that you were buying an OS already in the extended support phase. Why is ignorance an excuse in the tech world?

Re:

[bobbied]

All of them except the hard drive, which I replaced 10 years ago when I rand out of space.

It's a laptop, there isn't any upgrading it. Oh, the battery and the charger, but none of those have anything to do with XP.

Yes, I'm cheap, but if it works for what I want it to do, why spend money to upgrade when I have to pay for the kid's college?

Re:

[0123456]

It's been over a decade and they've updated & supported it.

That's odd. I didn't buy my netbook with XP installed 'over a decade' ago.

That's still working perfectly fine after three years, yet if I hadn't wiped XP and installed Linux a couple of years ago it would now be obsolete solely because Microsoft say so.

And you wonder why users are pissed off?

Stupid! Stupid!

[Nethemas the Great]

How do you (Microsoft) expect to get people off of that d*mn OS if you keep patching security holes. That was the one lever that might just have been able to do it and now you've gone an f**ked that up. To make matters worse, your piecemeal security patching (MSE, etc.) but not the OS proper will give these holdouts the false impression that their systems are secure when nothing could be further from the truth. Windows 9 won't move them off any more than Windows 8 was able to. All you're doing is hanging yet another neon sign pointing to the ragged, fetid and diseased hole of the malware whore these XP boxes have become.

No, this is smart. This is to keep the customers.

[Anonymous Coward]

The idea that people won't ever move off is absurd. They will. Problem is, if they do so this year a good number are going to OS X, Ubuntu, Chromebooks, etc. Then those new Mac/Linux/Googlized people will begin experimenting with alternatives to Microsoft Office as well. Fuck.

If Microsoft can have those people wait for Windows 9 and Windows 9 is an improvement of any sort, they stand a better chance of keeping the customers. That's all this is.

Re:

[roc97007]

> Problem is, if they do so this year a good number are going to OS X, Ubuntu, Chromebooks, etc rather than deal with Win8.

FIFY

Re:No, this is smart. This is to keep the customer

[exomondo]

Yeah i'm sure all those people who were confused by the lack of a start menu while retaining existing application compatibility are going to be real happy with another OS that also doesn't have a start menu and discards existing application compatibility.

Re:

[roc97007]

Although I'm not particularly a Mac fan, obligatory xkcd [xkcd.com].

In other words, for some significant subset of the people still using XP who aren't doing it merely because of compatibility with old software, perhaps a browser and a few other basic resources would be enough.

Re:

[techno-vampire]

I have a friend in his mid-70s who just adores XP. He's not planning on upgrading after MS stops supporting it because he's sure that third-parties will continue to create and distribute patches for all the new security holes that will be showing up. Never mind the fact that there aren't any such third-parties and that if they were, they wouldn't have access to the source code. I haven't told him this, because we're friends, and I don't want to offend him by telling him things he doesn't want to hear, bu

Re:No, this is smart. This is to keep the customer

[WaffleMonster]

Actually he's correct and you're the one with no clue. Modern attack vectors are not the OS holes - they are browser holes, email software holes, PDF reader holes and so on. In fact, essentially all OS holes that can be exploited directly without third party are secured by a solid third party firewall.

I've noticed a number of GDI and Font type patches drop over the last years... these can get thru firewalls and exploit OS specific issues from any number of browsers or document rendering technology. Coupled with a few privilege escalation vulns of which there are infinite numbers and the result is you can still get owned pretty quickly hiding behind your firewalls.

Re:

[epyT-R]

Are you aware that current versions of windows are not much better off? Most of the attack vectors come from browser holes and bad user choices. No OS will save you from that. Windows Vista/7/8 are not magic fix-alls. If you are 'that' concerned about security and you need windows software, disconnect the machine from the net, at which point it doesn't matter what OS you use.

Re:

[Nethemas the Great]

My frustration doesn't (yet) come from the security angle, but rather having to provide modern software solutions that are compatible with that antiquated pile. I would argue though that at least in the business context (which is really the only environment that counts for Microsoft anyway) where ever user is not an admin user, Windows 7/8 are in many ways far more secure than XP. This is especially true for PEBKAC where Microsoft has made it far easier to neuter the user. With this piecemeal patching of

Re:

[roc97007]

So, wait. What, aside from age, exactly is wrong with XP? It loads programs just fine, even today.

Re:

[armanox]

It's stuck in the 32bit world? Doesn't handle SMP or HT nicely? Loss of software support? Old driver models? Microsoft is tired of supporting it?

Or, I could ask the same questions about RHEL 5, IRIX 6.5, and Solaris 9.

Re:

[roc97007]

We still have servers running RHEL 5. An add-on for a software package would only run on 5.X.

Re:

[whoever57]

We still have servers running RHEL 5. An add-on for a software package would only run on 5.X.

And your point is? RHEL is still (just) in "Production 2" (still getting updates for new hardware). Production 3 (security updates, but no hardware updates) doesn't end until 2017 and the Extended life stage doesn't end until 2020.

Re:

[roc97007]

Previous responder had said they could "ask the same question about RHEL 5". You're actually reinforcing my point.

Re:

[armanox]

Did you ever run the x64 edition? It was a nightmare!

Re:

[Nethemas the Great]

From Microsoft's perspective, everything. From my perspective as chief of engineering whose user base expects the world of modern computing but can't be bothered to migrate off XP a lot. Supporting legacy systems while delivering modern software is a huge headache. Putting new on old often requires adaptation and in many cases limits the tools available to you. If you want a car analogy it's a bit like adapting a hand crank starter to a push button ignition switch.

Re:

[roc97007]

...but that's an artificial reason. I didn't ask what date Microsoft wants to force you to pony up for an unnecessary OS upgrade. I asked, what, aside from age, exactly is wrong with XP?

Re:

[0123456]

So, uh, why should 'dumb' people have to replace the operating system on a perfectly good PC just because Microsoft say so?

Re:

[bloodhawk]

they don't have to. But they should also realise the price of that is it should not be used in any sort of internet connected way when no more security patches are coming.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Windows XP or security products?

[sqrt(2)]

In case some people don't RTFA,

In other words, while Windows XP will no longer be a supported operating system come April, companies will be at least partially protected (the actual OS still won’t get security updates) until next July.

Emphasis mine. XP updates ARE ending, but MSE/Forefront will still get updated. XP will still be susceptible to any zero day until it gets detected by MSE--if it's even installed at all. This is a marginal increase in safety for XP post-EOL, at best. The apocalypse is still nigh.

My advice for fellow ITAs. Don't mention this to your boss at all if you're still trying to migrate. It's not really relevant to the threat posed by XP's end of support. If they get wind of it on their own, emphasize that XP itself is still going to be wide open. At best all MSE does is let you know you've been owned after the fact once MS gets around to updating the definitions. MSE already has a pretty poor record for detecting even older threats. It's better than nothing but you shouldn't be relying on it.

Too bad for hackers

[hcs_$reboot]

Hackers have to wait another year before showing their talent..
On a more serious note, it seems Microsoft, as often, didn't think through the process: halting XP security support in the blink of an eye would open a non closing door to security threats highly harmful to the company image. They gave XP another year, probably to build new update plans from XP to 7 / 8 (...) that would allow more/most companies to migrate in the meantime.

holy fucking nut balls

[slashmydots]

I did not see this coming. I'm CIO and for the last 2 years I've warned the bosses about the problem @ about 95% XP and so far in those 2 years we've replaced negative 2. We added 2 seats and replaced zero lol. Every 100 days (the pattern I developed) they kicked it to the next period. Time to spend the $20 we do have in the IT budget to get a cake tomorrow and I'll announce it to the bosses!
But seriously, our shared and internet surfer and PoS computers are just fine with a socket 775 HT Pentium chip and 2GB of RAM. Why pull them just for XP?

Re:

[Billly Gates]

Time to sign a resignation letter.

You are going to be fired for not keeping things secure when production stops for 1 month as you start after April the migration from zCrypto locker which will keep running around the clock as no patch will be made after you clean each node. As a cost center you will get shafted anyway so might as well do it on your terms rather than the company president.

Idiots. Sorry man but you're screwed and another job is in order. It is not fair to you that a lack of planning on your

Server 2003

[Anonymous Coward]

I knew this was going to happen because Server 2003 was planned to receive extended support until July 14, 2015 and Server 2003 (NT 5.2) is the server edition of Windows XP (NT 5.1).

You're Welcome.

XP is still being used in many places

[hambone142]

Take a look at the PC screens at Home Depot (Windows XP). Fry's Electronics (heck, they sell the new stuff... they're using XP on the store's floor). My dentist office (XP). It goes on. What other big hitters that I've missed? http://redmondmag.com/articles/2013/09/23/xp-still-in-use-by-28-percent.aspx [redmondmag.com] indicates 28.98% are still using XP.

Why is this news?

[w_dragon]

If McAfee announced that they would continue supplying virus definitions to their antivirus running on XP would that make the front page of slashdot? Because that's all MS announced here. I very much doubt it takes them much extra effort to port virus definitions to a previous version of MSE.

Competition will Support XP

[ScottCooperDotNet]

Other Anti-Virus vendors like Symantec [symantec.com], McAfee [mcafee.com], and Kaspersky [kaspersky.com] are going to continue to support XP past April, so why should Microsoft concede market share to these competitors?

Also, Microsoft is going to look pretty bad if a new virus makes a major impact, so having their security product database updates continue will mitigate that. Doing otherwise could easily be spun as irresponsible.

Well I for one, appreciate this

[Trax3001BBS]

Looking at the subject line of the comments, this decision didn't go over well here...

I don't use XP, I like it; Only went to Win7 as Battle Field 3 required it or I'd still be using XP.
I'm sure there are more like me that didn't upgrade as they didn't have a reason.

I appreciate this as well for the fact that miniXP is being treated as public domain, and will be upgraded.
Linux excluded, for me the miniXP has overtaken a Win98 boot disk when it comes to Windows recovery software.

FWIW: Most of my USB pendrives will boot into a Win98 DOS window that will read and write to NTFS drives.
http://bootdisk.com/ [bootdisk.com]